Bump npm from 6.14.11 to 7.5.6

[dependabot-preview[bot]]

Bumps npm from 6.14.11 to 7.5.6.

Release notes

Sourced from npm's releases.

v7.5.6 (2021-02-22

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

• f3ae6ed0d read-package-json@3.0.1, read-package-json-fast@2.0.2
• 9b311fe52 #2736 @npmcli/arborist@2.2.4:
  • Do not rely on underscore fields in package.json files
  • Do not remove global packages when updating by name
  • Keep yarn.lock and package-lock.json more in sync

v7.5.5 (2021-02-22)

BUG FIXES

• 49c95375a #2688 fix shrinkwrap in node v10.0 (@ljharb)
• 00afa3161 #2718 restore the prefix on output from npm version <inc> (@nlf)
• 69e0c4e8c #2716 throw an error when trying to dedupe in global mode (@nlf)
• b018eb842 #2719 obey silent loglevel in run-script (@wraithgar)

DEPENDENCIES

• 8c36697df @npmcli/arborist@2.2.3
  • #1875 arborist#230 Set default advisory severity/vulnerable_range when missing from audit endpoint data (@isaacs)
  • npm/arborist#231 skip optional deps with mismatched platform or engine (@nlf)
  • #2251 Unpack shrinkwrapped deps not already unpacked (@isaacs, @nlf)
  • #2714 Do not write package.json if nothing changed (@isaacs)
  • npm/rfcs#324 Prefer peer over prod dep, if both specified (@isaacs)
  • npm/arborist#236 Fix additional peerOptional conflict cases (@isaacs)
• d865b101f libnpmpack@2.0.1
  • respect silent loglevel
• e606953e5 libnpmversion@1.0.11
  • respect silent loglevel
• 9c51005a1 npm-package-arg@8.1.1
  • do a better job of detecting git specifiers like git@github.com:npm/cli
• 8b6bf0db4 pacote@11.2.7
  • respect silent loglevel
  • fix INVALID_URL errors for certain git dependencies

TESTS

• 80c2ac995 #2717 refactor publish tests (@wraithgar)
• 9d81e0ceb #2729 fix typo in shrinkwrap tests (@eltociear)

DOCUMENTATION

... (truncated)

Changelog

Sourced from npm's changelog.

v7.5.6 (2021-02-22

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

• f3ae6ed0d read-package-json@3.0.1, read-package-json-fast@2.0.2
• 9b311fe52 #2736 @npmcli/arborist@2.2.4:
  • Do not rely on underscore fields in package.json files
  • Do not remove global packages when updating by name
  • Keep yarn.lock and package-lock.json more in sync

v7.5.5 (2021-02-22)

BUG FIXES

• 49c95375a #2688 fix shrinkwrap in node v10.0 (@ljharb)
• 00afa3161 #2718 restore the prefix on output from npm version <inc> (@nlf)
• 69e0c4e8c #2716 throw an error when trying to dedupe in global mode (@nlf)
• b018eb842 #2719 obey silent loglevel in run-script (@wraithgar)

DEPENDENCIES

• 8c36697df @npmcli/arborist@2.2.3
  • #1875

... (truncated)

Commits

• 0c6bb2b 7.5.6
• 56535d4 update AUTHORS
• 9924d76 update tests for new @npmcli/arborist behavior
• cd90669 docs: changelog for 7.5.6
• 9b311fe @npmcli/arborist@2.2.4
• f3ae6ed read-package-json@3.0.1, read-package-json-fast@2.0.2
• 3c72ab4 Capitalize Package in a Heading
• ad4d12e Move implementation to separate package
• 773ae3e chore(refactor): clean up lifecycle-cmds
• 4e58274 Do not print error banner for shell proxy commands
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #49.