Bump npm from 6.14.11 to 7.6.0

[dependabot-preview[bot]]

Bumps npm from 6.14.11 to 7.6.0.

Release notes

Sourced from npm's releases.

v7.5.6 (2021-02-22

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

• f3ae6ed0d read-package-json@3.0.1, read-package-json-fast@2.0.2
• 9b311fe52 #2736 @npmcli/arborist@2.2.4:
  • Do not rely on underscore fields in package.json files
  • Do not remove global packages when updating by name
  • Keep yarn.lock and package-lock.json more in sync

v7.5.5 (2021-02-22)

BUG FIXES

• 49c95375a #2688 fix shrinkwrap in node v10.0 (@ljharb)
• 00afa3161 #2718 restore the prefix on output from npm version <inc> (@nlf)
• 69e0c4e8c #2716 throw an error when trying to dedupe in global mode (@nlf)
• b018eb842 #2719 obey silent loglevel in run-script (@wraithgar)

DEPENDENCIES

• 8c36697df @npmcli/arborist@2.2.3
  • #1875 arborist#230 Set default advisory severity/vulnerable_range when missing from audit endpoint data (@isaacs)
  • npm/arborist#231 skip optional deps with mismatched platform or engine (@nlf)
  • #2251 Unpack shrinkwrapped deps not already unpacked (@isaacs, @nlf)
  • #2714 Do not write package.json if nothing changed (@isaacs)
  • npm/rfcs#324 Prefer peer over prod dep, if both specified (@isaacs)
  • npm/arborist#236 Fix additional peerOptional conflict cases (@isaacs)
• d865b101f libnpmpack@2.0.1
  • respect silent loglevel
• e606953e5 libnpmversion@1.0.11
  • respect silent loglevel
• 9c51005a1 npm-package-arg@8.1.1
  • do a better job of detecting git specifiers like git@github.com:npm/cli
• 8b6bf0db4 pacote@11.2.7
  • respect silent loglevel
  • fix INVALID_URL errors for certain git dependencies

TESTS

• 80c2ac995 #2717 refactor publish tests (@wraithgar)
• 9d81e0ceb #2729 fix typo in shrinkwrap tests (@eltociear)

DOCUMENTATION

... (truncated)

Changelog

Sourced from npm's changelog.

v7.6.0 (2021-02-25)

FEATURES

• 983d218f7 #2750 feat(explain): mark when dependency is bundled (@kumavis)

DEPENDENCIES

• b9fa7e32a chore(package-lock): resetdeps and eslint@7.20.0 (@wraithgar)
• 28d036ae9 arborist@2.2.5
  • fix: hidden lockfiles were not respected on Node v10.0-10.12

DOCUMENTATION

• ba1adef42 #2760 chore(docs): capitalize all Instaces of "package" (@MrBrain295)
• 8bfa05fa1 #2775 chore(docs): add navigation configuration (@ethomson)
• 238e474a4 #2778 chore(docs):update unpublish cooldown (@christoflemke)

v7.5.6 (2021-02-22)

BUG FIXES

• 4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

• 3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

... (truncated)

Commits

• 0c881fc 7.6.0
• a1c6a15 update AUTHORS
• 12c57c7 docs: changelog for v7.6.0
• 7906410 fix(test): update hidden package-lock mtime in ls
• bb2f4b3 chore(docs):update unpublish cooldown
• e45242c chore(docs): add navigation configuration
• b7e37f6 chore(docs): capitalize all Instaces of "package"
• 113b131 chore(refactor): promisify completion scripts
• 881a855 feat(explain): mark when dependency is bundled
• 28d036a arborist@2.2.5
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gar, a new releaser for npm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #51.