npm: Upgrade to 1.1.63

37 files changed, 990 insertions, 80 deletions

diff --git a/deps/npm/node_modules/glob/.travis.yml b/deps/npm/node_modules/glob/.travis.yml
index 94cd7f6ba..baa0031d5 100644
--- a/deps/npm/node_modules/glob/.travis.yml
+++ b/deps/npm/node_modules/glob/.travis.yml
@@ -1,4 +1,3 @@
 language: node_js
 node_js:
-  - 0.6
-  - 0.7
+  - 0.8
diff --git a/deps/npm/node_modules/glob/glob.js b/deps/npm/node_modules/glob/glob.js
index f58c4bbb3..94f699340 100644
--- a/deps/npm/node_modules/glob/glob.js
+++ b/deps/npm/node_modules/glob/glob.js
@@ -200,12 +200,14 @@ Glob.prototype._finish = function () {
     // at *some* point we statted all of these
     all = all.map(function (m) {
       var sc = this.statCache[m]
-      if (!sc) return m
-      if (m.slice(-1) !== "/" && (Array.isArray(sc) || sc === 2)) {
+      if (!sc)
+        return m
+      var isDir = (Array.isArray(sc) || sc === 2)
+      if (isDir && m.slice(-1) !== "/") {
         return m + "/"
       }
-      if (m.slice(-1) === "/") {
-        return m.replace(/\/$/, "")
+      if (!isDir && m.slice(-1) === "/") {
+        return m.replace(/\/+$/, "")
       }
       return m
     }, this)
diff --git a/deps/npm/node_modules/glob/package.json b/deps/npm/node_modules/glob/package.json
index d2ab0125f..242287989 100644
--- a/deps/npm/node_modules/glob/package.json
+++ b/deps/npm/node_modules/glob/package.json
@@ -6,7 +6,7 @@
   },
   "name": "glob",
   "description": "a little globber",
-  "version": "3.1.12",
+  "version": "3.1.13",
   "repository": {
     "type": "git",
     "url": "git://github.com/isaacs/node-glob.git"
@@ -21,7 +21,7 @@
     "inherits": "1"
   },
   "devDependencies": {
-    "tap": "~0.2.3",
+    "tap": "~0.3",
     "mkdirp": "0",
     "rimraf": "1"
   },
@@ -30,6 +30,6 @@
   },
   "license": "BSD",
   "readme": "# Glob\n\nThis is a glob implementation in JavaScript.  It uses the `minimatch`\nlibrary to do its matching.\n\n## Attention: node-glob users!\n\nThe API has changed dramatically between 2.x and 3.x. This library is\nnow 100% JavaScript, and the integer flags have been replaced with an\noptions object.\n\nAlso, there's an event emitter class, proper tests, and all the other\nthings you've come to expect from node modules.\n\nAnd best of all, no compilation!\n\n## Usage\n\n```javascript\nvar glob = require(\"glob\")\n\n// options is optional\nglob(\"**/*.js\", options, function (er, files) {\n  // files is an array of filenames.\n  // If the `nonull` option is set, and nothing\n  // was found, then files is [\"**/*.js\"]\n  // er is an error object or null.\n})\n```\n\n## Features\n\nPlease see the [minimatch\ndocumentation](https://github.com/isaacs/minimatch) for more details.\n\nSupports these glob features:\n\n* Brace Expansion\n* Extended glob matching\n* \"Globstar\" `**` matching\n\nSee:\n\n* `man sh`\n* `man bash`\n* `man 3 fnmatch`\n* `man 5 gitignore`\n* [minimatch documentation](https://github.com/isaacs/minimatch)\n\n## glob(pattern, [options], cb)\n\n* `pattern` {String} Pattern to be matched\n* `options` {Object}\n* `cb` {Function}\n  * `err` {Error | null}\n  * `matches` {Array<String>} filenames found matching the pattern\n\nPerform an asynchronous glob search.\n\n## glob.sync(pattern, [options]\n\n* `pattern` {String} Pattern to be matched\n* `options` {Object}\n* return: {Array<String>} filenames found matching the pattern\n\nPerform a synchronous glob search.\n\n## Class: glob.Glob\n\nCreate a Glob object by instanting the `glob.Glob` class.\n\n```javascript\nvar Glob = require(\"glob\").Glob\nvar mg = new Glob(pattern, options, cb)\n```\n\nIt's an EventEmitter, and starts walking the filesystem to find matches\nimmediately.\n\n### new glob.Glob(pattern, [options], [cb])\n\n* `pattern` {String} pattern to search for\n* `options` {Object}\n* `cb` {Function} Called when an error occurs, or matches are found\n  * `err` {Error | null}\n  * `matches` {Array<String>} filenames found matching the pattern\n\nNote that if the `sync` flag is set in the options, then matches will\nbe immediately available on the `g.found` member.\n\n### Properties\n\n* `minimatch` The minimatch object that the glob uses.\n* `options` The options object passed in.\n* `error` The error encountered.  When an error is encountered, the\n  glob object is in an undefined state, and should be discarded.\n* `aborted` Boolean which is set to true when calling `abort()`.  There\n  is no way at this time to continue a glob search after aborting, but\n  you can re-use the statCache to avoid having to duplicate syscalls.\n\n### Events\n\n* `end` When the matching is finished, this is emitted with all the\n  matches found.  If the `nonull` option is set, and no match was found,\n  then the `matches` list contains the original pattern.  The matches\n  are sorted, unless the `nosort` flag is set.\n* `match` Every time a match is found, this is emitted with the matched.\n* `error` Emitted when an unexpected error is encountered, or whenever\n  any fs error occurs if `options.strict` is set.\n* `abort` When `abort()` is called, this event is raised.\n\n### Methods\n\n* `abort` Stop the search.\n\n### Options\n\nAll the options that can be passed to Minimatch can also be passed to\nGlob to change pattern matching behavior.  Also, some have been added,\nor have glob-specific ramifications.\n\nAll options are false by default, unless otherwise noted.\n\nAll options are added to the glob object, as well.\n\n* `cwd` The current working directory in which to search.  Defaults\n  to `process.cwd()`.\n* `root` The place where patterns starting with `/` will be mounted\n  onto.  Defaults to `path.resolve(options.cwd, \"/\")` (`/` on Unix\n  systems, and `C:\\` or some such on Windows.)\n* `nomount` By default, a pattern starting with a forward-slash will be\n  \"mounted\" onto the root setting, so that a valid filesystem path is\n  returned.  Set this flag to disable that behavior.\n* `mark` Add a `/` character to directory matches.  Note that this\n  requires additional stat calls.\n* `nosort` Don't sort the results.\n* `stat` Set to true to stat *all* results.  This reduces performance\n  somewhat, and is completely unnecessary, unless `readdir` is presumed\n  to be an untrustworthy indicator of file existence.  It will cause\n  ELOOP to be triggered one level sooner in the case of cyclical\n  symbolic links.\n* `silent` When an unusual error is encountered\n  when attempting to read a directory, a warning will be printed to\n  stderr.  Set the `silent` option to true to suppress these warnings.\n* `strict` When an unusual error is encountered\n  when attempting to read a directory, the process will just continue on\n  in search of other matches.  Set the `strict` option to raise an error\n  in these cases.\n* `statCache` A cache of results of filesystem information, to prevent\n  unnecessary stat calls.  While it should not normally be necessary to\n  set this, you may pass the statCache from one glob() call to the\n  options object of another, if you know that the filesystem will not\n  change between calls.  (See \"Race Conditions\" below.)\n* `sync` Perform a synchronous glob search.\n* `nounique` In some cases, brace-expanded patterns can result in the\n  same file showing up multiple times in the result set.  By default,\n  this implementation prevents duplicates in the result set.\n  Set this flag to disable that behavior.\n* `nonull` Set to never return an empty set, instead returning a set\n  containing the pattern itself.  This is the default in glob(3).\n* `nocase` Perform a case-insensitive match.  Note that case-insensitive\n  filesystems will sometimes result in glob returning results that are\n  case-insensitively matched anyway, since readdir and stat will not\n  raise an error.\n* `debug` Set to enable debug logging in minimatch and glob.\n* `globDebug` Set to enable debug logging in glob, but not minimatch.\n\n## Comparisons to other fnmatch/glob implementations\n\nWhile strict compliance with the existing standards is a worthwhile\ngoal, some discrepancies exist between node-glob and other\nimplementations, and are intentional.\n\nIf the pattern starts with a `!` character, then it is negated.  Set the\n`nonegate` flag to suppress this behavior, and treat leading `!`\ncharacters normally.  This is perhaps relevant if you wish to start the\npattern with a negative extglob pattern like `!(a|B)`.  Multiple `!`\ncharacters at the start of a pattern will negate the pattern multiple\ntimes.\n\nIf a pattern starts with `#`, then it is treated as a comment, and\nwill not match anything.  Use `\\#` to match a literal `#` at the\nstart of a line, or set the `nocomment` flag to suppress this behavior.\n\nThe double-star character `**` is supported by default, unless the\n`noglobstar` flag is set.  This is supported in the manner of bsdglob\nand bash 4.1, where `**` only has special significance if it is the only\nthing in a path part.  That is, `a/**/b` will match `a/x/y/b`, but\n`a/**b` will not.  **Note that this is different from the way that `**` is\nhandled by ruby's `Dir` class.**\n\nIf an escaped pattern has no matches, and the `nonull` flag is set,\nthen glob returns the pattern as-provided, rather than\ninterpreting the character escapes.  For example,\n`glob.match([], \"\\\\*a\\\\?\")` will return `\"\\\\*a\\\\?\"` rather than\n`\"*a?\"`.  This is akin to setting the `nullglob` option in bash, except\nthat it does not resolve escaped pattern characters.\n\nIf brace expansion is not disabled, then it is performed before any\nother interpretation of the glob pattern.  Thus, a pattern like\n`+(a|{b),c)}`, which would not be valid in bash or zsh, is expanded\n**first** into the set of `+(a|b)` and `+(a|c)`, and those patterns are\nchecked for validity.  Since those two are valid, matching proceeds.\n\n## Windows\n\n**Please only use forward-slashes in glob expressions.**\n\nThough windows uses either `/` or `\\` as its path separator, only `/`\ncharacters are used by this glob implementation.  You must use\nforward-slashes **only** in glob expressions.  Back-slashes will always\nbe interpreted as escape characters, not path separators.\n\nResults from absolute patterns such as `/foo/*` are mounted onto the\nroot setting using `path.join`.  On windows, this will by default result\nin `/foo/*` matching `C:\\foo\\bar.txt`.\n\n## Race Conditions\n\nGlob searching, by its very nature, is susceptible to race conditions,\nsince it relies on directory walking and such.\n\nAs a result, it is possible that a file that exists when glob looks for\nit may have been deleted or modified by the time it returns the result.\n\nAs part of its internal implementation, this program caches all stat\nand readdir calls that it makes, in order to cut down on system\noverhead.  However, this also makes it even more susceptible to races,\nespecially if the statCache object is reused between glob calls.\n\nUsers are thus advised not to use a glob result as a\nguarantee of filesystem state in the face of rapid changes.\nFor the vast majority of operations, this is never a problem.\n",
-  "_id": "glob@3.1.12",
-  "_from": "glob@~3.1.9"
+  "_id": "glob@3.1.13",
+  "_from": "glob@latest"
 }
diff --git a/deps/npm/node_modules/glob/test/mark.js b/deps/npm/node_modules/glob/test/mark.js
new file mode 100644
index 000000000..fda66f8d2
--- /dev/null
+++ b/deps/npm/node_modules/glob/test/mark.js
@@ -0,0 +1,63 @@
+var test = require("tap").test
+var glob = require('../')
+process.chdir(__dirname)
+
+test("mark, no / on pattern", function (t) {
+  glob("a/*", {mark: true}, function (er, results) {
+    if (er)
+      throw er
+    t.same(results, [ 'a/abcdef/',
+                      'a/abcfed/',
+                      'a/b/',
+                      'a/bc/',
+                      'a/c/',
+                      'a/cb/',
+                      'a/symlink/' ])
+    t.end()
+  })
+})
+
+test("mark=false, no / on pattern", function (t) {
+  glob("a/*", function (er, results) {
+    if (er)
+      throw er
+    t.same(results, [ 'a/abcdef',
+                      'a/abcfed',
+                      'a/b',
+                      'a/bc',
+                      'a/c',
+                      'a/cb',
+                      'a/symlink' ])
+    t.end()
+  })
+})
+
+test("mark=true, / on pattern", function (t) {
+  glob("a/*/", {mark: true}, function (er, results) {
+    if (er)
+      throw er
+    t.same(results, [ 'a/abcdef/',
+                      'a/abcfed/',
+                      'a/b/',
+                      'a/bc/',
+                      'a/c/',
+                      'a/cb/',
+                      'a/symlink/' ])
+    t.end()
+  })
+})
+
+test("mark=false, / on pattern", function (t) {
+  glob("a/*/", function (er, results) {
+    if (er)
+      throw er
+    t.same(results, [ 'a/abcdef/',
+                      'a/abcfed/',
+                      'a/b/',
+                      'a/bc/',
+                      'a/c/',
+                      'a/cb/',
+                      'a/symlink/' ])
+    t.end()
+  })
+})
diff --git a/deps/npm/node_modules/ini/ini.js b/deps/npm/node_modules/ini/ini.js
index 7939f20e5..45651c03f 100644
--- a/deps/npm/node_modules/ini/ini.js
+++ b/deps/npm/node_modules/ini/ini.js
@@ -56,10 +56,7 @@ function decode (str) {
     , section = null
 
   lines.forEach(function (line, _, __) {
-    //line = line
-    var rem = line.indexOf(";")
-    if (rem !== -1) line = line.substr(0, rem)//.trim()
-    if (!line) return
+    if (!line || line.match(/^\s*;/)) return
     var match = line.match(re)
     if (!match) return
     if (match[1] !== undefined) {
@@ -108,13 +105,38 @@ function safe (val) {
          || (val.length > 1
              && val.charAt(0) === "\""
              && val.slice(-1) === "\"")
-         || val !== val.trim() ) ? JSON.stringify(val) : val
+         || val !== val.trim() )
+         ? JSON.stringify(val)
+         : val.replace(/;/g, '\\;')
 }
 
-function unsafe (val) {
+function unsafe (val, doUnesc) {
   val = (val || "").trim()
   if (val.charAt(0) === "\"" && val.slice(-1) === "\"") {
     try { val = JSON.parse(val) } catch (_) {}
+  } else {
+    // walk the val to find the first not-escaped ; character
+    var esc = false
+    var unesc = "";
+    for (var i = 0, l = val.length; i < l; i++) {
+      var c = val.charAt(i)
+      if (esc) {
+        if (c === "\\" || c === ";")
+          unesc += c
+        else
+          unesc += "\\" + c
+        esc = false
+      } else if (c === ";") {
+        break
+      } else if (c === "\\") {
+        esc = true
+      } else {
+        unesc += c
+      }
+    }
+    if (esc)
+      unesc += "\\"
+    return unesc
   }
   return val
 }
diff --git a/deps/npm/node_modules/ini/package.json b/deps/npm/node_modules/ini/package.json
index 1ab148897..3f45c18e2 100644
--- a/deps/npm/node_modules/ini/package.json
+++ b/deps/npm/node_modules/ini/package.json
@@ -6,7 +6,7 @@
   },
   "name": "ini",
   "description": "An ini encoder/decoder for node",
-  "version": "1.0.4",
+  "version": "1.0.5",
   "repository": {
     "type": "git",
     "url": "git://github.com/isaacs/ini.git"
@@ -23,6 +23,6 @@
     "tap": "~0.0.9"
   },
   "readme": "An ini format parser and serializer for node.\n\nSections are treated as nested objects.  Items before the first heading\nare saved on the object directly.\n\n## Usage\n\nConsider an ini-file `config.ini` that looks like this:\n\n    ; this comment is being ignored\n    scope = global\n\n    [database]\n    user = dbuser\n    password = dbpassword\n    database = use_this_database\n\n    [paths.default]\n    datadir = /var/lib/data\n\nYou can read, manipulate and write the ini-file like so:\n\n    var fs = require('fs')\n      , ini = require('ini')\n\n    var config = ini.parse(fs.readFileSync('./config.ini', 'utf-8'))\n\n    config.scope = 'local'\n    config.database.database = 'use_another_database'\n    config.paths.default.tmpdir = '/tmp'\n    delete config.paths.default.datadir\n\n    fs.writeFileSync('./config_modified.ini', ini.stringify(config, 'section'))\n\nThis will result in a file called `config_modified.ini` being written to the filesystem with the following content:\n\n    [section]\n    scope = local\n    [section.database]\n    user = dbuser\n    password = dbpassword\n    database = use_another_database\n    [section.paths.default]\n    tmpdir = /tmp\n\n## API\n\n### decode(inistring)\nDecode the ini-style formatted `inistring` into a nested object.\n\n### parse(inistring)\nAlias for `decode(inistring)`\n\n### encode(object, [section])\nEncode the object `object` into an ini-style formatted string. If the optional parameter `section` is given, then all top-level properties of the object are put into this section and the `section`-string is prepended to all sub-sections, see the usage example above.\n\n### stringify(object, [section])\nAlias for `encode(object, [section])`\n\n### safe(val)\nEscapes the string `val` such that it is safe to be used as a key or value in an ini-file. Basically escapes quotes. For example\n\n    ini.safe('\"unsafe string\"')\n\nwould result in\n\n    \"\\\"unsafe string\\\"\"\n\n### unsafe(val)\nUnescapes the string `val`\n\n",
-  "_id": "ini@1.0.4",
+  "_id": "ini@1.0.5",
   "_from": "ini@latest"
 }
diff --git a/deps/npm/node_modules/ini/test/fixtures/foo.ini b/deps/npm/node_modules/ini/test/fixtures/foo.ini
index e5b186604..6f11f3679 100644
--- a/deps/npm/node_modules/ini/test/fixtures/foo.ini
+++ b/deps/npm/node_modules/ini/test/fixtures/foo.ini
@@ -27,3 +27,6 @@ x.y.z = xyz
 
 [x\.y\.z.a\.b\.c]
 a.b.c = abc
+
+; this next one is not a comment!  it's escaped!
+nocomment = this\; this is not a comment
diff --git a/deps/npm/node_modules/ini/test/foo.js b/deps/npm/node_modules/ini/test/foo.js
index 2b32bb62f..64bd22329 100644
--- a/deps/npm/node_modules/ini/test/foo.js
+++ b/deps/npm/node_modules/ini/test/foo.js
@@ -21,6 +21,7 @@ var i = require("../")
             + 'j = 2\n\n[x\\.y\\.z]\nx.y.z = xyz\n\n'
             + '[x\\.y\\.z.a\\.b\\.c]\n'
             + 'a.b.c = abc\n'
+            + 'nocomment = this\\; this is not a comment\n'
   , expectD =
     { o: 'p',
       'a with spaces': 'b  c',
@@ -35,7 +36,8 @@ var i = require("../")
       'x.y.z': {
         'x.y.z': 'xyz',
         'a.b.c': {
-          'a.b.c': 'abc'
+          'a.b.c': 'abc',
+          'nocomment': 'this\; this is not a comment'
         }
       }
     }
diff --git a/deps/npm/node_modules/init-package-json/package.json b/deps/npm/node_modules/init-package-json/package.json
index 3d85725ff..2a45816f6 100644
--- a/deps/npm/node_modules/init-package-json/package.json
+++ b/deps/npm/node_modules/init-package-json/package.json
@@ -1,6 +1,6 @@
 {
   "name": "init-package-json",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "main": "init-package-json.js",
   "scripts": {
     "test": "tap test/*.js"
@@ -20,7 +20,7 @@
     "promzard": "~0.2.0",
     "read": "~1.0.1",
     "read-package-json": "0",
-    "semver": "~1.0.14"
+    "semver": "1.x"
   },
   "devDependencies": {
     "tap": "~0.2.5",
@@ -37,6 +37,6 @@
     "start"
   ],
   "readme": "# init-package-json\n\nA node module to get your node module started.\n\n## Usage\n\n```javascript\nvar init = require('init-package-json')\nvar path = require('path')\n\n// a path to a promzard module.  In the event that this file is\n// not found, one will be provided for you.\nvar initFile = path.resolve(process.env.HOME, '.npm-init')\n\n// the dir where we're doin stuff.\nvar dir = process.cwd()\n\n// extra stuff that gets put into the PromZard module's context.\n// In npm, this is the resolved config object.  Exposed as 'config'\n// Optional.\nvar configData = { some: 'extra stuff' }\n\n// Any existing stuff from the package.json file is also exposed in the\n// PromZard module as the `package` object.  There will also be free\n// vars for:\n// * `filename` path to the package.json file\n// * `basename` the tip of the package dir\n// * `dirname` the parent of the package dir\n\ninit(dir, initFile, configData, function (er, data) {\n  // the data's already been written to {dir}/package.json\n  // now you can do stuff with it\n})\n```\n\nOr from the command line:\n\n```\n$ npm-init\n```\n\nSee [PromZard](https://github.com/isaacs/promzard) for details about\nwhat can go in the config file.\n",
-  "_id": "init-package-json@0.0.5",
-  "_from": "init-package-json@0"
+  "_id": "init-package-json@0.0.6",
+  "_from": "init-package-json@latest"
 }
diff --git a/deps/npm/node_modules/node-gyp/lib/build.js b/deps/npm/node_modules/node-gyp/lib/build.js
index 01abdd5a6..26f5c4b99 100644
--- a/deps/npm/node_modules/node-gyp/lib/build.js
+++ b/deps/npm/node_modules/node-gyp/lib/build.js
@@ -19,10 +19,11 @@ exports.usage = 'Invokes `' + (win ? 'msbuild' : 'make') + '` and builds the mod
 function build (gyp, argv, callback) {
 
   var makeCommand = gyp.opts.make || process.env.MAKE
-    || (process.platform.indexOf('bsd') != -1 ? 'gmake' : 'make')
-  var command = win ? 'msbuild' : makeCommand
+      || (process.platform.indexOf('bsd') != -1 ? 'gmake' : 'make')
+    , command = win ? 'msbuild' : makeCommand
     , buildDir = path.resolve('build')
     , configPath = path.resolve(buildDir, 'config.gypi')
+    , jobs = gyp.opts.jobs || process.env.JOBS
     , buildType
     , config
     , arch
@@ -189,11 +190,27 @@ function build (gyp, argv, callback) {
     if (win) {
       var p = arch === 'x64' ? 'x64' : 'Win32'
       argv.push('/p:Configuration=' + buildType + ';Platform=' + p)
+      if (jobs) {
+        if (!isNaN(parseInt(jobs, 10))) {
+          argv.push('/m:' + parseInt(jobs, 10))
+        } else if (jobs.toUpperCase() === 'MAX') {
+          argv.push('/m:' + require('os').cpus().length)
+        }
+      }
     } else {
       argv.push('BUILDTYPE=' + buildType)
       // Invoke the Makefile in the 'build' dir.
       argv.push('-C')
       argv.push('build')
+      if (jobs) {
+        if (!isNaN(parseInt(jobs, 10))) {
+          argv.push('--jobs')
+          argv.push(parseInt(jobs, 10))
+        } else if (jobs.toUpperCase() === 'MAX') {
+          argv.push('--jobs')
+          argv.push(require('os').cpus().length)
+        }
+      }
     }
 
     if (win) {
diff --git a/deps/npm/node_modules/node-gyp/lib/configure.js b/deps/npm/node_modules/node-gyp/lib/configure.js
index 816b836f9..33906fabc 100644
--- a/deps/npm/node_modules/node-gyp/lib/configure.js
+++ b/deps/npm/node_modules/node-gyp/lib/configure.js
@@ -23,7 +23,7 @@ exports.usage = 'Generates ' + (win ? 'MSVC project files' : 'a Makefile') + ' f
 
 function configure (gyp, argv, callback) {
 
-  var python = process.env.PYTHON || gyp.opts.python || 'python'
+  var python = gyp.opts.python || process.env.PYTHON || 'python'
     , buildDir = path.resolve('build')
     , hasVCExpress = false
     , hasWin71SDK = false
diff --git a/deps/npm/node_modules/node-gyp/lib/install.js b/deps/npm/node_modules/node-gyp/lib/install.js
index cdf1bea89..ab44315ee 100644
--- a/deps/npm/node_modules/node-gyp/lib/install.js
+++ b/deps/npm/node_modules/node-gyp/lib/install.js
@@ -19,7 +19,6 @@ var fs = require('graceful-fs')
   , request = require('request')
   , minimatch = require('minimatch')
   , mkdir = require('mkdirp')
-  , distUrl = 'http://nodejs.org/dist'
   , win = process.platform == 'win32'
 
 function install (gyp, argv, callback) {
@@ -39,6 +38,8 @@ function install (gyp, argv, callback) {
     }
   }
 
+  var distUrl = gyp.opts['dist-url'] || 'http://nodejs.org/dist'
+
 
   // Determine which node dev files version we are installing
   var versionStr = argv[0] || gyp.opts.target || process.version
diff --git a/deps/npm/node_modules/node-gyp/lib/node-gyp.js b/deps/npm/node_modules/node-gyp/lib/node-gyp.js
index 58275ee5b..9a88b21ff 100644
--- a/deps/npm/node_modules/node-gyp/lib/node-gyp.js
+++ b/deps/npm/node_modules/node-gyp/lib/node-gyp.js
@@ -84,6 +84,8 @@ proto.configDefs = {
   , nodedir: String   // 'configure'
   , loglevel: String  // everywhere
   , python: String    // 'configure'
+  , 'dist-url': String // 'install'
+  , jobs: String      // 'build'
 }
 
 /**
diff --git a/deps/npm/node_modules/node-gyp/package.json b/deps/npm/node_modules/node-gyp/package.json
index 4ad0339c2..3f7292c0d 100644
--- a/deps/npm/node_modules/node-gyp/package.json
+++ b/deps/npm/node_modules/node-gyp/package.json
@@ -10,7 +10,7 @@
     "bindings",
     "gyp"
   ],
-  "version": "0.6.11",
+  "version": "0.7.0",
   "installVersion": 9,
   "author": {
     "name": "Nathan Rajlich",
@@ -45,6 +45,9 @@
     "node": ">= 0.6.0"
   },
   "readme": "node-gyp\n=========\n### Node.js native addon build tool\n\n`node-gyp` is a cross-platform command-line tool written in Node.js for compiling\nnative addon modules for Node.js, which takes away the pain of dealing with the\nvarious differences in build platforms. It is the replacement to the `node-waf`\nprogram which is removed for node `v0.8`. If you have a native addon for node that\nstill has a `wscript` file, then you should definitely add a `binding.gyp` file\nto support the latest versions of node.\n\nMultiple target versions of node are supported (i.e. `0.6`, `0.7`,..., `1.0`,\netc.), regardless of what version of node is actually installed on your system\n(`node-gyp` downloads the necessary development files for the target version).\n\n#### Features:\n\n * Easy to use, consistent interface\n * Same commands to build your module on every platform\n * Supports multiple target versions of Node\n\n\nInstallation\n------------\n\nYou can install with `npm`:\n\n``` bash\n$ npm install -g node-gyp\n```\n\nYou will also need to install:\n\n  * On Unix:\n    * `python`\n    * `make`\n    * A proper C/C++ compiler toolchain, like GCC\n  * On Windows:\n    * [Python][windows-python] ([`v2.7.3`][windows-python-v2.7.3] recommended, `v3.x.x` is not supported)\n    * Microsoft Visual C++ ([Express][msvc] version works well)\n      * For 64-bit builds of node and native modules you will _also_ need the [Windows 7 64-bit SDK][win7sdk]\n\nHow to Use\n----------\n\nTo compile your native addon, first go to its root directory:\n\n``` bash\n$ cd my_node_addon\n```\n\nThe next step is to generate the appropriate project build files for the current\nplatform. Use `configure` for that:\n\n``` bash\n$ node-gyp configure\n```\n\n__Note__: The `configure` step looks for the `binding.gyp` file in the current\ndirectory to processs. See below for instructions on creating the `binding.gyp` file.\n\nNow you will have either a `Makefile` (on Unix platforms) or a `vcxproj` file\n(on Windows) in the `build/` directory. Next invoke the `build` command:\n\n``` bash\n$ node-gyp build\n```\n\nNow you have your compiled `.node` bindings file! The compiled bindings end up\nin `build/Debug/` or `build/Release/`, depending on the build mode. At this point\nyou can require the `.node` file with Node and run your tests!\n\n__Note:__ To create a _Debug_ build of the bindings file, pass the `--debug` (or\n`-d`) switch when running the either `configure` or `build` command.\n\n\nThe \"binding.gyp\" file\n----------------------\n\nPreviously when node had `node-waf` you had to write a `wscript` file. The\nreplacement for that is the `binding.gyp` file, which describes the configuration\nto build your module in a JSON-like format. This file gets placed in the root of\nyour package, alongside the `package.json` file.\n\nA barebones `gyp` file appropriate for building a node addon looks like:\n\n``` json\n{\n  \"targets\": [\n    {\n      \"target_name\": \"binding\",\n      \"sources\": [ \"src/binding.cc\" ]\n    }\n  ]\n}\n```\n\nSome additional resources for writing `gyp` files:\n\n * [\"Hello World\" node addon example](https://github.com/joyent/node/tree/master/test/addons/hello-world)\n * [gyp user documentation](http://code.google.com/p/gyp/wiki/GypUserDocumentation)\n * [gyp input format reference](http://code.google.com/p/gyp/wiki/InputFormatReference)\n * [*\"binding.gyp\" files out in the wild* wiki page](https://github.com/TooTallNate/node-gyp/wiki/%22binding.gyp%22-files-out-in-the-wild)\n\n\nCommands\n--------\n\n`node-gyp` responds to the following commands:\n\n| **Command**   | **Description**\n|:--------------|:---------------------------------------------------------------\n| `build`       | Invokes `make`/`msbuild.exe` and builds the native addon\n| `clean`       | Removes any the `build` dir if it exists\n| `configure`   | Generates project build files for the current platform\n| `rebuild`     | Runs \"clean\", \"configure\" and \"build\" all in a row\n| `install`     | Installs node development header files for the given version\n| `list`        | Lists the currently installed node development file versions\n| `remove`      | Removes the node development header files for the given version\n\n\nLicense\n-------\n\n(The MIT License)\n\nCopyright (c) 2012 Nathan Rajlich &lt;nathan@tootallnate.net&gt;\n\nPermission is hereby granted, free of charge, to any person obtaining\na copy of this software and associated documentation files (the\n'Software'), to deal in the Software without restriction, including\nwithout limitation the rights to use, copy, modify, merge, publish,\ndistribute, sublicense, and/or sell copies of the Software, and to\npermit persons to whom the Software is furnished to do so, subject to\nthe following conditions:\n\nThe above copyright notice and this permission notice shall be\nincluded in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\nMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.\nIN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY\nCLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,\nTORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE\nSOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n\n\n[windows-python]: http://www.python.org/getit/windows\n[windows-python-v2.7.3]: http://www.python.org/download/releases/2.7.3#download\n[msvc]: http://www.microsoft.com/visualstudio/en-us/products/2010-editions/visual-cpp-express\n[win7sdk]: http://www.microsoft.com/download/en/details.aspx?displayLang=en&id=8279\n",
-  "_id": "node-gyp@0.6.11",
-  "_from": "node-gyp@~0.6.4"
+  "_id": "node-gyp@0.7.0",
+  "dist": {
+    "shasum": "60cc1d85885909b43ca0caa1a9bd93032c68a002"
+  },
+  "_from": "node-gyp@latest"
 }
diff --git a/deps/npm/node_modules/npm-registry-client/index.js b/deps/npm/node_modules/npm-registry-client/index.js
index 8d321b869..c2d50b6c0 100644
--- a/deps/npm/node_modules/npm-registry-client/index.js
+++ b/deps/npm/node_modules/npm-registry-client/index.js
@@ -58,6 +58,8 @@ function RegClient (conf) {
     var token = this.conf.get('_token')
     this.couchLogin = new CouchLogin(registry, token)
     this.couchLogin.proxy = this.conf.get('proxy')
+    this.couchLogin.strictSSL = this.conf.get('strict-ssl')
+    this.couchLogin.ca = this.conf.get('ca')
   }
 
   this.log = conf.log || conf.get('log') || npmlog
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/.npmignore b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/.npmignore
new file mode 100644
index 000000000..9ed56e7a5
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/.npmignore
@@ -0,0 +1,4 @@
+test/fixtures/couch.log
+test/fixtures/.delete
+test/fixtures/pid
+test/fixtures/_users.couch
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/LICENSE b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/LICENSE
new file mode 100644
index 000000000..0c44ae716
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) Isaac Z. Schlueter ("Author")
+All rights reserved.
+
+The BSD License
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/deps/npm/node_modules/couch-login/README.md b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/README.md
index 0b6c75d94..cebba79a3 100644
--- a/deps/npm/node_modules/couch-login/README.md
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/README.md
@@ -148,6 +148,25 @@ discarded.
 Related to tokenGet and tokenSet.  Takes a callback which should be
 called when the token is deleted.
 
+### couch.ca
+
+* {String | Array | null}
+
+A certificate authority string, or an array of CA strings.  Only
+relevant for HTTPS couches, of course.
+
+Leave as `null` to use the default ca settings built into node.
+
+### couch.strictSSL
+
+* {Boolean | null}
+
+Whether or not to be strict about SSL connections.  If left as null,
+then use the default setting in node, which is true in node versions
+0.9.x and above, and false prior to 0.8.x.
+
+Only relevant for HTTPS couches, of course.
+
 ### couch.anonymous()
 
 Return a new CouchLogin object that points at the same couchdb server,
diff --git a/deps/npm/node_modules/couch-login/couch-login.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/couch-login.js
index a2b323439..828a0e265 100644
--- a/deps/npm/node_modules/couch-login/couch-login.js
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/couch-login.js
@@ -3,6 +3,7 @@ var request = require('request')
 , crypto = require('crypto')
 , YEAR = (1000 * 60 * 60 * 24 * 365)
 , BASIC = {}
+, assert = require('assert')
 
 module.exports = CouchLogin
 
@@ -41,6 +42,18 @@ function CouchLogin (couch, tok) {
   this.proxy = null
 
   this.maxAge = YEAR
+
+  // replace with a CA cert string, or an array, or leave as null
+  // to use the defaults included in node.  Only relevant for HTTPS
+  // couches, of course.
+  this.ca = null
+
+  // set to boolean true or false to specify the strictSSL behavior.
+  // if left as null, then it'll use whatever node defaults to, which
+  // is false <=0.8.x, and true >=0.9.x
+  //
+  // Again, only relevant for https couches, of course.
+  this.strictSSL = null
 }
 
 CouchLogin.prototype =
@@ -63,6 +76,7 @@ Object.defineProperty(CouchLogin.prototype, 'constructor',
   { value: CouchLogin, enumerable: false })
 
 function decorate (req, res) {
+  assert(this instanceof CouchLogin)
   req.couch = res.couch = this
 
   // backed by some sort of set(k,v,cb), get(k,cb) session storage.
@@ -86,10 +100,12 @@ function decorate (req, res) {
 }
 
 function anon () {
+  assert(this instanceof CouchLogin)
   return new CouchLogin(this.couch, NaN)
 }
 
 function makeReq (meth, body, f) { return function madeReq (p, d, cb) {
+  assert(this instanceof CouchLogin)
   f = f || (this.token !== this.token)
   if (!f && !valid(this.token)) {
     // lazily get the token.
@@ -129,19 +145,30 @@ function makeReq (meth, body, f) { return function madeReq (p, d, cb) {
     req.proxy = this.proxy
   }
 
+  // we're handling cookies, don't do it for us.
+  req.jar = false
+
+  if (this.ca)
+    req.ca = this.ca
+
+  if (this.strictSSL && this.strictSSL !== null)
+    req.strictSSL = this.strictSSL
+
   request(req, function (er, res, data) {
     // update cookie.
     if (er || res.statusCode !== 200) return cb(er, res, data)
     addToken.call(this, res)
-    return cb(er, res, data)
+    return cb.call(this, er, res, data)
   }.bind(this))
 }}
 
 function login (auth, cb) {
+  assert(this instanceof CouchLogin)
   if (this.token === BASIC) {
     this.auth = new Buffer(auth.name + ':' + auth.password).toString('base64')
     this.name = auth.name
-    return process.nextTick(cb, null, { statusCode: 200 }, { ok: true })
+    cb = cb.bind(this, null, { statusCode: 200 }, { ok: true })
+    return process.nextTick(cb)
   }
   var a = { name: auth.name, password: auth.password }
   var req = makeReq('post', true, true)
@@ -150,10 +177,11 @@ function login (auth, cb) {
       return cb(er, cr, data)
     this.name = auth.name
     cb(er, cr, data)
-  })
+  }.bind(this))
 }
 
 function changePass (auth, cb) {
+  assert(this instanceof CouchLogin)
   if (!auth.name || !auth.password) return cb(new Error('invalid auth'))
 
   var u = '/_users/org.couchdb.user:' + auth.name
@@ -181,7 +209,6 @@ function changePass (auth, cb) {
     data.date = new Date().toISOString()
 
     this.put(u + '?rev=' + data._rev, data, function (er, res, data) {
-      console.error('back from changepass', er, data, this.name)
       if (er || res.statusCode >= 400)
         return cb(er, res, data)
       if (this.name && this.name !== auth.name)
@@ -196,6 +223,7 @@ function changePass (auth, cb) {
 //
 // WATCH OUT!
 function deleteAccount (name, cb) {
+  assert(this instanceof CouchLogin)
   var u = '/_users/org.couchdb.user:' + name
   this.get(u, thenPut.bind(this))
 
@@ -216,9 +244,11 @@ function deleteAccount (name, cb) {
 
 
 function signup (auth, cb) {
-  if (this.token && this.token !== BASIC)
+  assert(this instanceof CouchLogin)
+  if (this.token && this.token !== BASIC) {
+
     return this.logout(function (er, res, data) {
-      if (er || res.statusCode !== 200) {
+      if (er || res && res.statusCode !== 200) {
         return cb(er, res, data)
       }
 
@@ -228,6 +258,7 @@ function signup (auth, cb) {
 
       this.signup(auth, cb)
     }.bind(this))
+  }
 
   // make a new user record.
   var newSalt = crypto.randomBytes(30).toString('hex')
@@ -262,6 +293,7 @@ function signup (auth, cb) {
 }
 
 function addToken (res) {
+  assert(this instanceof CouchLogin)
   // not doing the whole login session cookie thing.
   if (this.token === BASIC)
     return
@@ -309,9 +341,11 @@ function addToken (res) {
 
 
 function logout (cb) {
+  assert(this instanceof CouchLogin)
   if (!this.token && this.tokenGet) {
     return this.tokenGet(function (er, tok) {
-      if (er || !tok) return cb()
+      if (er || !tok)
+        return cb(null, { statusCode: 200 }, {})
       this.token = tok
       this.logout(cb)
     }.bind(this))
@@ -320,7 +354,7 @@ function logout (cb) {
   if (!valid(this.token)) {
     this.token = null
     if (this.tokenDel) this.tokenDel()
-    return process.nextTick(cb)
+    return process.nextTick(cb.bind(this, null, { statusCode: 200 }, {}))
   }
 
   var h = { cookie: 'AuthSession=' + this.token.AuthSession }
@@ -333,7 +367,8 @@ function logout (cb) {
     }
 
     this.token = null
-    if (this.tokenDel) this.tokenDel()
+    if (this.tokenDel)
+      this.tokenDel()
     cb(er, res, data)
   }.bind(this))
 }
diff --git a/deps/npm/node_modules/couch-login/package.json b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/package.json
index 9ccd561b5..30e9e022c 100644
--- a/deps/npm/node_modules/couch-login/package.json
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/package.json
@@ -6,7 +6,7 @@
   },
   "name": "couch-login",
   "description": "A module for doing logged-in requests to a couchdb server",
-  "version": "0.1.12",
+  "version": "0.1.15",
   "repository": {
     "type": "git",
     "url": "git://github.com/isaacs/couch-login.git"
@@ -21,7 +21,7 @@
   "devDependencies": {
     "tap": "~0.2.4"
   },
-  "readme": "# couch-login\n\nThis module lets you log into couchdb to get a session token, then make\nrequests using that session.  It is basically just a thin wrapper around\n[@mikeal's request module](https://github.com/mikeal/request).\n\nThis is handy if you want a user to take actions in a couchdb database\non behalf of a user, without having to store their couchdb username and\npassword anywhere.  (You do need to store the AuthSession token\nsomewhere, though.)\n\n## Usage\n\n```javascript\nvar CouchLogin = require('couch-login')\n\n// Nothing about this module is http-server specific of course.\n// You could also use it to do authenticated requests against\n// a couchdb using sessions and storing the token somewhere else.\n\nhttp.createServer(function (req, res) {\n  var couch = new CouchLogin('http://my-couch.iriscouch.com:5984/')\n\n  // .. look up the token in the user's session or whatever ..\n  // Look at couch.decorate(req, res) for more on doing that\n  // automatically, below.\n\n  if (sessionToken) {\n    // this user already logged in.\n    couch.token = sessionToken\n\n    // now we can do things on their behalf, like:\n    // 1. View their session info.\n    // like doing request.get({ uri: couch + '/_session', ... })\n    // but with the cookie and whatnot\n\n    couch.get('/_session', function (er, resp, data) {\n      // er = some kind of communication error.\n      // resp = response object from the couchdb request.\n      // data = parsed JSON response body.\n      if (er || resp.statusCode !== 200) {\n        res.statusCode = resp.statusCode || 403\n        return res.end('Invalid login or something')\n      }\n\n      // now we have the session info, we know who this user is.\n      // hitting couchdb for this on every request is kinda costly,\n      // so maybe you should store the username wherever you're storing\n      // the sessionToken.  RedSess is a good util for this, if you're\n      // into redis.  And if you're not into redis, you're crazy,\n      // because it is awesome.\n\n      // now let's get the user record.\n      // note that this will 404 for anyone other than the user,\n      // unless they're a server admin.\n      couch.get('/_users/org.couchdb.user:' + data.userCtx.name, etc)\n\n      // PUTs and DELETEs will also use their session, of course, so\n      // your validate_doc_update's will see their info in userCtx\n    })\n\n  } else {\n    // don't have a sessionToken.\n    // get a username and password from the post body or something.\n    // maybe redirect to a /login page or something to ask for that.\n    var login = { name: name, password: password }\n    couch.login(login, function (er, resp, data) {\n      // again, er is an error, resp is the response obj, data is the json\n      if (er || resp.statusCode !== 200) {\n        res.statusCode = resp.statusCode || 403\n        return res.end('Invalid login or something')\n      }\n\n      // the data is something like\n      // {\"ok\":true,\"name\":\"testuser\",\"roles\":[]}\n      // and couch.token is the token you'll need to save somewhere.\n\n      // at this point, you can start making authenticated requests to\n      // couchdb, or save data in their session, or do whatever it is\n      // that you need to do.\n\n      res.statusCode = 200\n      res.write(\"Who's got two thumbs and just logged you into couch?\\n\")\n      setTimeout(function () {\n        res.end(\"THIS GUY!\")\n      }, 500)\n    })\n  }\n})\n```\n\n## Class: CouchLogin\n### new CouchLogin(couchdbUrl, token)\n\nCreate a new CouchLogin object bound to the couchdb url.\n\nIn addition to these, the `get`, `post`, `put`, and `del` methods all\nproxy to the associated method on [request](https://github.com/mikeal/request).\n\nHowever, as you'll note in the example above, only the pathname portion\nof the url is required.  Urls will be appended to the couchdb url passed\ninto the constructor.\n\nIf you have to talk to more than one couchdb, then you'll need more than\none CouchLogin object, for somewhat obvious reasons.\n\nAll callbacks get called with the following arguments, which are exactly\nidentical to the arguments passed to a `request` callback.\n\n* `er` {Error | null} Set if a communication error happens.\n* `resp` {HTTP Response} The response from the request to couchdb\n* `data` {Object} The parsed JSON data from couch\n\nIf the token is the string \"anonymous\", then it will not attempt to log\nin before making requests.  If the token is not \"anonymous\", then it\nmust be an object with the appropriate fields.\n\n### couch.token\n\n* {Object}\n\nAn object representing the couchdb session token.  (Basically just a\ncookie and a timeout.)\n\nIf the token has already timed out, then setting it will have no effect.\n\n### couch.tokenSet\n\nIf set, this method is called whenever the token is saved.\n\nFor example, you could assign a function to this method to save the\ntoken into a redis session, a cookie, or in some other database.\n\nTakes a callback which should be called when the token is saved.\n\n### couch.tokenGet\n\nIf set, this method is called to look up the token on demand.\n\nThe inverse of couch.tokenSet.  Takes a callback which is called with\nthe `cb(er || null, token)`.\n\n### couch.tokenDel\n\nIf set, this method is called to delete the token when it should be\ndiscarded.\n\nRelated to tokenGet and tokenSet.  Takes a callback which should be\ncalled when the token is deleted.\n\n### couch.anonymous()\n\nReturn a new CouchLogin object that points at the same couchdb server,\nbut doesn't try to log in before making requests.\n\nThis is handy for situations where the user is not logged in at the\nmoment, but a request needs to be made anyway, and does not require\nauthorization.\n\n### couch.login(auth, callback)\n\n* `auth` {Object} The login details\n  * `name` {String}\n  * `password` {String}\n* `callback` {Function}\n\nWhen the callback is called, the `couch.token` will already have been\nset (assuming it worked!), so subsequent requests will be done as that\nuser.\n\n### couch.get(path, callback)\n\nGET the supplied path from the couchdb using the credentials on the\ntoken.\n\nFails if the token is invalid or expired.\n\n### couch.del(path, callback)\n\nDELETE the supplied path from the couchdb using the credentials on the\ntoken.\n\nFails if the token is invalid or expired.\n\n### couch.post(path, data, callback)\n\nPOST the data to the supplied path in the couchdb, using the credentials\non the token.\n\nFails if the token is invalid or expired.\n\n### couch.put(path, data, callback)\n\nPUT the data to the supplied path in the couchdb, using the credentials\non the token.\n\nFails if the token is invalid or expired.\n\n### couch.changePass(newAuth, callback)\n\nMust already be logged in.  Updates the `_users` document with new salt\nand hash, and re-logs in with the new credentials.  Callback is called\nwith the same arguments as login, or the first step of the process that\nfailed.\n\n### couch.signup(userData, callback)\n\nCreate a new user account.  The userData must contain at least a `name`\nand `password` field.  Any additional data will be copied to the user\nrecord.  The `_id`, `name`, `roles`, `type`, `password_sha`, `salt`, and\n`date` fields are generated.\n\nAlso signs in as the newly created user, on successful account creation.\n\n### couch.deleteAccount(name, callback)\n\nDeletes a user account.  If not logged in as the user, or a server\nadmin, then the request will fail.\n\nNote that this immediately invalidates any session tokens for the\ndeleted user account.  If you are deleting the user's record, then you\nought to follow this with `couch.logout(callback)` so that it won't try\nto re-use the invalid session.\n\n### couch.logout(callback)\n\nDelete the session out of couchdb.  This makes the token permanently\ninvalid, and deletes it.\n\n### couch.decorate(req, res)\n\nSet up `req.couch` and `res.couch` as references to this couch login\ninstance.\n\nAdditionall, if `req.session` or `res.session` is set, then it'll call\n`session.get('couch_token', cb)` as the tokenGet method,\n`session.set('couch_token', token, cb)` as the tokenSet method, and\n`session.del('couch_token', cb)` as the tokenDel method.\n\nThis works really nice with\n[RedSess](https://github.com/isaacs/redsess).\n",
-  "_id": "couch-login@0.1.12",
-  "_from": "couch-login@~0.1.9"
+  "readme": "# couch-login\n\nThis module lets you log into couchdb to get a session token, then make\nrequests using that session.  It is basically just a thin wrapper around\n[@mikeal's request module](https://github.com/mikeal/request).\n\nThis is handy if you want a user to take actions in a couchdb database\non behalf of a user, without having to store their couchdb username and\npassword anywhere.  (You do need to store the AuthSession token\nsomewhere, though.)\n\n## Usage\n\n```javascript\nvar CouchLogin = require('couch-login')\n\n// Nothing about this module is http-server specific of course.\n// You could also use it to do authenticated requests against\n// a couchdb using sessions and storing the token somewhere else.\n\nhttp.createServer(function (req, res) {\n  var couch = new CouchLogin('http://my-couch.iriscouch.com:5984/')\n\n  // .. look up the token in the user's session or whatever ..\n  // Look at couch.decorate(req, res) for more on doing that\n  // automatically, below.\n\n  if (sessionToken) {\n    // this user already logged in.\n    couch.token = sessionToken\n\n    // now we can do things on their behalf, like:\n    // 1. View their session info.\n    // like doing request.get({ uri: couch + '/_session', ... })\n    // but with the cookie and whatnot\n\n    couch.get('/_session', function (er, resp, data) {\n      // er = some kind of communication error.\n      // resp = response object from the couchdb request.\n      // data = parsed JSON response body.\n      if (er || resp.statusCode !== 200) {\n        res.statusCode = resp.statusCode || 403\n        return res.end('Invalid login or something')\n      }\n\n      // now we have the session info, we know who this user is.\n      // hitting couchdb for this on every request is kinda costly,\n      // so maybe you should store the username wherever you're storing\n      // the sessionToken.  RedSess is a good util for this, if you're\n      // into redis.  And if you're not into redis, you're crazy,\n      // because it is awesome.\n\n      // now let's get the user record.\n      // note that this will 404 for anyone other than the user,\n      // unless they're a server admin.\n      couch.get('/_users/org.couchdb.user:' + data.userCtx.name, etc)\n\n      // PUTs and DELETEs will also use their session, of course, so\n      // your validate_doc_update's will see their info in userCtx\n    })\n\n  } else {\n    // don't have a sessionToken.\n    // get a username and password from the post body or something.\n    // maybe redirect to a /login page or something to ask for that.\n    var login = { name: name, password: password }\n    couch.login(login, function (er, resp, data) {\n      // again, er is an error, resp is the response obj, data is the json\n      if (er || resp.statusCode !== 200) {\n        res.statusCode = resp.statusCode || 403\n        return res.end('Invalid login or something')\n      }\n\n      // the data is something like\n      // {\"ok\":true,\"name\":\"testuser\",\"roles\":[]}\n      // and couch.token is the token you'll need to save somewhere.\n\n      // at this point, you can start making authenticated requests to\n      // couchdb, or save data in their session, or do whatever it is\n      // that you need to do.\n\n      res.statusCode = 200\n      res.write(\"Who's got two thumbs and just logged you into couch?\\n\")\n      setTimeout(function () {\n        res.end(\"THIS GUY!\")\n      }, 500)\n    })\n  }\n})\n```\n\n## Class: CouchLogin\n### new CouchLogin(couchdbUrl, token)\n\nCreate a new CouchLogin object bound to the couchdb url.\n\nIn addition to these, the `get`, `post`, `put`, and `del` methods all\nproxy to the associated method on [request](https://github.com/mikeal/request).\n\nHowever, as you'll note in the example above, only the pathname portion\nof the url is required.  Urls will be appended to the couchdb url passed\ninto the constructor.\n\nIf you have to talk to more than one couchdb, then you'll need more than\none CouchLogin object, for somewhat obvious reasons.\n\nAll callbacks get called with the following arguments, which are exactly\nidentical to the arguments passed to a `request` callback.\n\n* `er` {Error | null} Set if a communication error happens.\n* `resp` {HTTP Response} The response from the request to couchdb\n* `data` {Object} The parsed JSON data from couch\n\nIf the token is the string \"anonymous\", then it will not attempt to log\nin before making requests.  If the token is not \"anonymous\", then it\nmust be an object with the appropriate fields.\n\n### couch.token\n\n* {Object}\n\nAn object representing the couchdb session token.  (Basically just a\ncookie and a timeout.)\n\nIf the token has already timed out, then setting it will have no effect.\n\n### couch.tokenSet\n\nIf set, this method is called whenever the token is saved.\n\nFor example, you could assign a function to this method to save the\ntoken into a redis session, a cookie, or in some other database.\n\nTakes a callback which should be called when the token is saved.\n\n### couch.tokenGet\n\nIf set, this method is called to look up the token on demand.\n\nThe inverse of couch.tokenSet.  Takes a callback which is called with\nthe `cb(er || null, token)`.\n\n### couch.tokenDel\n\nIf set, this method is called to delete the token when it should be\ndiscarded.\n\nRelated to tokenGet and tokenSet.  Takes a callback which should be\ncalled when the token is deleted.\n\n### couch.ca\n\n* {String | Array | null}\n\nA certificate authority string, or an array of CA strings.  Only\nrelevant for HTTPS couches, of course.\n\nLeave as `null` to use the default ca settings built into node.\n\n### couch.strictSSL\n\n* {Boolean | null}\n\nWhether or not to be strict about SSL connections.  If left as null,\nthen use the default setting in node, which is true in node versions\n0.9.x and above, and false prior to 0.8.x.\n\nOnly relevant for HTTPS couches, of course.\n\n### couch.anonymous()\n\nReturn a new CouchLogin object that points at the same couchdb server,\nbut doesn't try to log in before making requests.\n\nThis is handy for situations where the user is not logged in at the\nmoment, but a request needs to be made anyway, and does not require\nauthorization.\n\n### couch.login(auth, callback)\n\n* `auth` {Object} The login details\n  * `name` {String}\n  * `password` {String}\n* `callback` {Function}\n\nWhen the callback is called, the `couch.token` will already have been\nset (assuming it worked!), so subsequent requests will be done as that\nuser.\n\n### couch.get(path, callback)\n\nGET the supplied path from the couchdb using the credentials on the\ntoken.\n\nFails if the token is invalid or expired.\n\n### couch.del(path, callback)\n\nDELETE the supplied path from the couchdb using the credentials on the\ntoken.\n\nFails if the token is invalid or expired.\n\n### couch.post(path, data, callback)\n\nPOST the data to the supplied path in the couchdb, using the credentials\non the token.\n\nFails if the token is invalid or expired.\n\n### couch.put(path, data, callback)\n\nPUT the data to the supplied path in the couchdb, using the credentials\non the token.\n\nFails if the token is invalid or expired.\n\n### couch.changePass(newAuth, callback)\n\nMust already be logged in.  Updates the `_users` document with new salt\nand hash, and re-logs in with the new credentials.  Callback is called\nwith the same arguments as login, or the first step of the process that\nfailed.\n\n### couch.signup(userData, callback)\n\nCreate a new user account.  The userData must contain at least a `name`\nand `password` field.  Any additional data will be copied to the user\nrecord.  The `_id`, `name`, `roles`, `type`, `password_sha`, `salt`, and\n`date` fields are generated.\n\nAlso signs in as the newly created user, on successful account creation.\n\n### couch.deleteAccount(name, callback)\n\nDeletes a user account.  If not logged in as the user, or a server\nadmin, then the request will fail.\n\nNote that this immediately invalidates any session tokens for the\ndeleted user account.  If you are deleting the user's record, then you\nought to follow this with `couch.logout(callback)` so that it won't try\nto re-use the invalid session.\n\n### couch.logout(callback)\n\nDelete the session out of couchdb.  This makes the token permanently\ninvalid, and deletes it.\n\n### couch.decorate(req, res)\n\nSet up `req.couch` and `res.couch` as references to this couch login\ninstance.\n\nAdditionall, if `req.session` or `res.session` is set, then it'll call\n`session.get('couch_token', cb)` as the tokenGet method,\n`session.set('couch_token', token, cb)` as the tokenSet method, and\n`session.del('couch_token', cb)` as the tokenDel method.\n\nThis works really nice with\n[RedSess](https://github.com/isaacs/redsess).\n",
+  "_id": "couch-login@0.1.15",
+  "_from": "couch-login@~0.1.15"
 }
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/00-setup.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/00-setup.js
new file mode 100644
index 000000000..d5dcc190d
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/00-setup.js
@@ -0,0 +1,100 @@
+// start the couchdb spinning as a detached child process.
+// the zz-teardown.js test kills it.
+//
+// localhost:15985 ==> couchdb
+// 127.0.0.1:15985 ==> npm registry
+
+var spawn = require('child_process').spawn
+var test = require('tap').test
+var path = require('path')
+var fs = require('fs')
+var request = require('request')
+
+// run with the cwd of the main program.
+var cwd = path.dirname(__dirname)
+
+var conf = path.resolve(__dirname, 'fixtures', 'couch.ini')
+var pidfile = path.resolve(__dirname, 'fixtures', 'pid')
+var logfile = path.resolve(__dirname, 'fixtures', 'couch.log')
+var started = /Apache CouchDB has started on http:\/\/127\.0\.0\.1:15985\/\n$/
+
+test('start couch as a zombie child', function (t) {
+  var fd = fs.openSync(pidfile, 'wx')
+
+  try { fs.unlinkSync(logfile) } catch (er) {}
+
+  var child = spawn('couchdb', ['-a', conf], {
+    detached: true,
+    stdio: 'ignore',
+    cwd: cwd
+  })
+  child.unref()
+  t.ok(child.pid)
+  fs.writeSync(fd, child.pid + '\n')
+  fs.closeSync(fd)
+
+  // wait for it to create a log, give it 5 seconds
+  var start = Date.now()
+  fs.readFile(logfile, function R (er, log) {
+    log = log ? log.toString() : ''
+    if (!er && !log.match(started))
+      er = new Error('not started yet')
+    if (er) {
+      if (Date.now() - start < 5000)
+        return setTimeout(function () {
+          fs.readFile(logfile, R)
+        }, 100)
+      else
+        throw er
+    }
+    t.pass('relax')
+    t.end()
+  })
+})
+
+// set up the testuser account that we'll be using everywhere.
+// first delete any existing one, so that we don't end up with
+// some newer copy taking over.
+test('create testuser', function (t) {
+  var u = 'http://admin:admin@localhost:15985/_users/org.couchdb.user:testuser'
+  var rev
+
+  request.get({ url: u, json: true }, function (er, res, data) {
+    if (er)
+      throw er
+    rev = data._rev
+    if (res.statusCode === 404)
+      put()
+    else
+      del()
+  })
+
+  function del () {
+    request.del(u + '?rev=' + rev, function (er, res, data) {
+      if (er)
+        throw er
+      put()
+    })
+  }
+
+  function put () {
+    request.put({
+      url: u,
+      body: {
+        _id: 'org.couchdb.user:testuser',
+        name: 'testuser',
+        roles: [],
+        type: 'user',
+        password_sha: 'e23952b517695e6bb72ecf060e10bf1b35bf7e0b',
+        salt: '83695c9b64d3b48b94c9dda0cd691e72',
+        date: '2012-09-26T16:49:30.175Z'
+      },
+      json: true
+    }, function (er, res, data) {
+      if (er)
+        throw er
+      t.ok(data.ok, 'user created')
+      t.end()
+    })
+  }
+})
diff --git a/deps/npm/node_modules/couch-login/test/basic.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/basic.js
index 660a24a0f..9e222e143 100644
--- a/deps/npm/node_modules/couch-login/test/basic.js
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/basic.js
@@ -1,11 +1,9 @@
 var tap = require('tap')
 , CouchLogin = require('../couch-login.js')
 
-// Yeah, go ahead and abuse my staging server, whatevs.
-
 var auth = { name: 'testuser', password: 'test' }
 , newAuth = { name: 'testuser', password: 'asdfasdf' }
-, couch = new CouchLogin('https://isaacs-staging.iriscouch.com/')
+, couch = new CouchLogin('http://localhost:15985/')
 , u = '/_users/org.couchdb.user:' + auth.name
 , userRecordMarker
 
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/_replicator.couch b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/_replicator.couch
new file mode 100644
index 000000000..b8dbbebd0
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/_replicator.couch
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/couch.ini b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/couch.ini
new file mode 100644
index 000000000..4579a2f02
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/couch.ini
@@ -0,0 +1,24 @@
+[couchdb]
+database_dir = test/fixtures
+view_index_dir = test/fixtures
+
+[httpd]
+port = 15985
+bind_address = 127.0.0.1
+secure_rewrites = false
+allow_jsonp = true
+config_whitelist = [{uuids,algorithm},{vhosts,"*"},{admins,"*"},{log,level},{httpd,allow_jsonp},{httpd,secure_rewrites},{httpd,mobile_futon},{httpd,sammy_futon},{httpd,cors},{httpd,x_forwarded_host},{httpd,'WWW-Authenticate'},{cors,"*"},{compactions,"*"},{replicator,db},{attachments,compression_level},{attachments,compressible_types},{couch_httpd_auth,authentication_db},{couch_httpd_auth,allow_persistent_cookies},{couch_httpd_auth,authentication_redirect},{couch_httpd_auth,require_valid_user},{couch_httpd_auth,timeout},{couch_httpd_auth,secret},{couchdb,os_process_timeout},{query_server_config,reduce_limit},{couch_httpd_oauth,"*"},{oauth_token_users,"*"},{oauth_token_secrets,"*"},{oauth_consumer_secrets,"*"},{browserid,enabled},{browserid,hash_secret},{fb,"*"}]
+
+[log]
+file = test/fixtures/couch.log
+
+[admins]
+admin = -hashed-b933598b0ade0e4c2a258d53c95990d5939461dd,a44895e5740b79d14b392ada8021d31d
+
+[couch_httpd_auth]
+secret = cafebad000deadbeef00000019790701
+timeout = 36000
+allow_persistent_cookies = true
+
+[vhosts]
+127.0.0.1:15985 = /registry/_design/ghost/_rewrite
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/registry.couch b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/registry.couch
new file mode 100644
index 000000000..5806317db
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/fixtures/registry.couch
diff --git a/deps/npm/node_modules/couch-login/test/registry.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/registry.js
index 56a21f6b1..d99d9f4f6 100644
--- a/deps/npm/node_modules/couch-login/test/registry.js
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/registry.js
@@ -3,11 +3,9 @@
 var tap = require('tap')
 , CouchLogin = require('../couch-login.js')
 
-// Yeah, go ahead and abuse my staging server, whatevs.
-
 var auth = { name: 'testuser', password: 'test' }
 , newAuth = { name: 'testuser', password: 'asdfasdf' }
-, couch = new CouchLogin('https://staging.npmjs.org/')
+, couch = new CouchLogin('http://127.0.0.1:15985/')
 , u = '/_users/org.couchdb.user:' + auth.name
 , userRecordMarker
 
@@ -204,7 +202,7 @@ tap.test('change password back easy', function (t) {
       t.ok(data, 'data')
       t.ok(couch.token, 'token')
       t.equal(data.testingCouchLogin, undefined)
-      t.equal(data.mustChangePass, false)
+      t.notOk(data.mustChangePass)
       userRecord = data
       t.end()
     })
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/reset-then-signup.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/reset-then-signup.js
new file mode 100644
index 000000000..77a5ceda9
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/reset-then-signup.js
@@ -0,0 +1,112 @@
+var test = require('tap').test
+var CouchLogin = require('../couch-login.js')
+
+var auth = { name: 'testuser', password: 'test' }
+, newAuth = { name: 'testuser', password: 'asdf', mustChangePass: true }
+, db = 'http://localhost:15985/'
+, couch = new CouchLogin(db)
+, u = '/_users/org.couchdb.user:' + auth.name
+, admin = { name: 'admin', password: 'admin' }
+, newUser = { name: 'testuser', password: 'test' }
+, newUserCouch = null
+, authToken = null
+
+newUser.name += Math.floor(Math.random() * 1E9)
+
+var okGlobal = Object.keys(global)
+
+var adminCouch = new CouchLogin(db, 'basic')
+
+function okStatus (t, res) {
+  var x = { found: res.statusCode, wanted: 'around 200' }
+  var r = res.statusCode
+  x.ok = (r >= 200 && r < 300)
+  return t.ok(x.ok, 'Status code should be 200-ish', x)
+}
+
+test('adminCouch login', function (t) {
+  t.deepEqual(Object.keys(global), okGlobal)
+  console.error('adminCouch login')
+  adminCouch.login(admin, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    t.ok(data)
+    t.end()
+  })
+})
+
+test('get the user data as admin', function (t) {
+  t.deepEqual(Object.keys(global), okGlobal)
+  console.error('2')
+  adminCouch.get(u, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    t.ok(data)
+    t.end()
+  })
+})
+
+test('admin user changes the password for non-admin user', function (t) {
+  console.error(3)
+  t.deepEqual(Object.keys(global), okGlobal)
+  adminCouch.changePass(newAuth, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    t.ok(data)
+    t.end()
+  })
+})
+
+test('testuser logs in', function (t) {
+  console.error(4)
+  t.deepEqual(Object.keys(global), okGlobal)
+  couch.login(newAuth, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    t.deepEqual(data, { ok: true, name: 'testuser', roles: [] })
+    authToken = couch.token
+    t.end()
+  })
+})
+
+// test('testuser changes password', function (t) {
+//   couch = new CouchLogin(db)
+//   couch.token = authToken
+//   couch.changePass(auth, function (er, res, data) {
+//     if (er)
+//       throw er
+//     okStatus(t, res)
+//     console.error(data)
+//     t.ok(data)
+//     t.end()
+//   })
+// })
+
+test('new user signup', function (t) {
+  t.deepEqual(Object.keys(global), okGlobal)
+  newUserCouch = new CouchLogin(db)
+  newUserCouch.signup(newUser, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    console.error(data)
+    t.ok(data)
+    t.end()
+  })
+})
+
+test('delete newUser account', function (t) {
+  t.deepEqual(Object.keys(global), okGlobal)
+  newUserCouch.deleteAccount(newUser.name, function (er, res, data) {
+    if (er)
+      throw er
+    okStatus(t, res)
+    console.error(data)
+    t.ok(data)
+    t.end()
+  })
+})
diff --git a/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/zz-teardown.js b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/zz-teardown.js
new file mode 100644
index 000000000..a66e24a10
--- /dev/null
+++ b/deps/npm/node_modules/npm-registry-client/node_modules/couch-login/test/zz-teardown.js
@@ -0,0 +1,23 @@
+// kill the couchdb process that's running as a detached child process
+// started by the 00-setup.js test
+
+var fs = require('fs')
+var test = require('tap').test
+var path = require('path')
+var pidfile = path.resolve(__dirname, 'fixtures', 'pid')
+var _users = path.resolve(__dirname, 'fixtures', '_users.couch')
+
+test('kill all the users', function (t) {
+  fs.unlinkSync(_users)
+  t.pass('_users db deleted')
+  t.end()
+})
+
+test('craigslist (well, how do you get rid of YOUR couches?)', function (t) {
+  var pid = fs.readFileSync(pidfile)
+  fs.unlinkSync(pidfile)
+  process.kill(pid)
+  t.pass('couch is no more')
+  t.end()
+})
+
diff --git a/deps/npm/node_modules/npm-registry-client/package.json b/deps/npm/node_modules/npm-registry-client/package.json
index 743534eb0..05c2cb15f 100644
--- a/deps/npm/node_modules/npm-registry-client/package.json
+++ b/deps/npm/node_modules/npm-registry-client/package.json
@@ -6,7 +6,7 @@
   },
   "name": "npm-registry-client",
   "description": "Client for the npm registry",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "repository": {
     "url": "git://github.com/isaacs/npm-registry-client"
   },
@@ -17,13 +17,13 @@
   "dependencies": {
     "request": "~2.9.202",
     "graceful-fs": "~1.1.8",
-    "semver": "~1.0.14",
+    "semver": "~1.1.0",
     "slide": "~1.1.3",
     "chownr": "0",
     "mkdirp": "~0.3.3",
     "rimraf": "~2.0.1",
     "retry": "0.6.0",
-    "couch-login": "~0.1.6",
+    "couch-login": "~0.1.15",
     "npmlog": ""
   },
   "devDependencies": {
@@ -34,6 +34,6 @@
   },
   "license": "BSD",
   "readme": "# npm-registry-client\n\nThe code that npm uses to talk to the registry.\n\nIt handles all the caching and HTTP calls.\n\n## Usage\n\n```javascript\nvar RegClient = require('npm-registry-client')\nvar client = new RegClient(config)\n\nclient.get(\"npm\", \"latest\", 1000, function (er, data, raw, res) {\n  // error is an error if there was a problem.\n  // data is the parsed data object\n  // raw is the json string\n  // res is the response from couch\n})\n```\n\n# Configuration\n\nThis program is designed to work with\n[npmconf](https://npmjs.org/package/npmconf), but you can also pass in\na plain-jane object with the appropriate configs, and it'll shim it\nfor you.  Any configuration thingie that has get/set/del methods will\nalso be accepted.\n\n* `registry` **Required** {String} URL to the registry\n* `cache` **Required** {String} Path to the cache folder\n* `always-auth` {Boolean} Auth even for GET requests.\n* `auth` {String} A base64-encoded `username:password`\n* `email` {String} User's email address\n* `tag` {String} The default tag to use when publishing new packages.\n  Default = `\"latest\"`\n* `ca` {String} Cerficate signing authority certificates to trust.\n* `strict-ssl` {Boolean} Whether or not to be strict with SSL\n  certificates.  Default = `true`\n* `user-agent` {String} User agent header to send.  Default =\n  `\"node/{process.version}\"`\n* `log` {Object} The logger to use.  Defaults to `require(\"npmlog\")` if\n  that works, otherwise logs are disabled.\n* `fetch-retries` {Number} Number of times to retry on GET failures.\n  Default=2\n* `fetch-retry-factor` {Number} `factor` setting for `node-retry`. Default=10\n* `fetch-retry-mintimeout` {Number} `minTimeout` setting for `node-retry`.\n  Default=10000 (10 seconds)\n* `fetch-retry-maxtimeout` {Number} `maxTimeout` setting for `node-retry`.\n  Default=60000 (60 seconds)\n* `proxy` {URL} The url to proxy requests through.\n* `https-proxy` {URL} The url to proxy https requests through.\n  Defaults to be the same as `proxy` if unset.\n* `_auth` {String} The base64-encoded authorization header.\n* `username` `_password` {String} Username/password to use to generate\n  `_auth` if not supplied.\n* `_token` {Object} A token for use with\n  [couch-login](https://npmjs.org/package/couch-login)\n\n# client.request(method, where, [what], [etag], [nofollow], cb)\n\n* `method` {String} HTTP method\n* `where` {String} Path to request on the server\n* `what` {Stream | Buffer | String | Object} The request body.  Objects\n  that are not Buffers or Streams are encoded as JSON.\n* `etag` {String} The cached ETag\n* `nofollow` {Boolean} Prevent following 302/301 responses\n* `cb` {Function}\n  * `error` {Error | null}\n  * `data` {Object} the parsed data object\n  * `raw` {String} the json\n  * `res` {Response Object} response from couch\n\nMake a request to the registry.  All the other methods are wrappers\naround this. one.\n\n# client.adduser(username, password, email, cb)\n\n* `username` {String}\n* `password` {String}\n* `email` {String}\n* `cb` {Function}\n\nAdd a user account to the registry, or verify the credentials.\n\n# client.get(url, [timeout], [nofollow], [staleOk], cb)\n\n* `url` {String} The url path to fetch\n* `timeout` {Number} Number of seconds old that a cached copy must be\n  before a new request will be made.\n* `nofollow` {Boolean} Do not follow 301/302 responses\n* `staleOk` {Boolean} If there's cached data available, then return that\n  to the callback quickly, and update the cache the background.\n\nFetches data from the registry via a GET request, saving it in\nthe cache folder with the ETag.\n\n# client.publish(data, tarball, [readme], cb)\n\n* `data` {Object} Package data\n* `tarball` {String | Stream} Filename or stream of the package tarball\n* `readme` {String} Contents of the README markdown file\n* `cb` {Function}\n\nPublish a package to the registry.\n\nNote that this does not create the tarball from a folder.  However, it\ncan accept a gzipped tar stream or a filename to a tarball.\n\n# client.star(package, starred, cb)\n\n* `package` {String} Name of the package to star\n* `starred` {Boolean} True to star the package, false to unstar it.\n* `cb` {Function}\n\nStar or unstar a package.\n\nNote that the user does not have to be the package owner to star or\nunstar a package, though other writes do require that the user be the\npackage owner.\n\n# client.tag(project, version, tag, cb)\n\n* `project` {String} Project name\n* `version` {String} Version to tag\n* `tag` {String} Tag name to apply\n* `cb` {Function}\n\nMark a version in the `dist-tags` hash, so that `pkg@tag`\nwill fetch the specified version.\n\n# client.unpublish(name, [ver], cb)\n\n* `name` {String} package name\n* `ver` {String} version to unpublish. Leave blank to unpublish all\n  versions.\n* `cb` {Function}\n\nRemove a version of a package (or all versions) from the registry.  When\nthe last version us unpublished, the entire document is removed from the\ndatabase.\n\n# client.upload(where, file, [etag], [nofollow], cb)\n\n* `where` {String} URL path to upload to\n* `file` {String | Stream} Either the filename or a readable stream\n* `etag` {String} Cache ETag\n* `nofollow` {Boolean} Do not follow 301/302 responses\n* `cb` {Function}\n\nUpload an attachment.  Mostly used by `client.publish()`.\n",
-  "_id": "npm-registry-client@0.2.7",
-  "_from": "npm-registry-client@~0.2.6"
+  "_id": "npm-registry-client@0.2.9",
+  "_from": "npm-registry-client@~0.2.9"
 }
diff --git a/deps/npm/node_modules/read-installed/LICENSE b/deps/npm/node_modules/read-installed/LICENSE
new file mode 100644
index 000000000..0c44ae716
--- /dev/null
+++ b/deps/npm/node_modules/read-installed/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) Isaac Z. Schlueter ("Author")
+All rights reserved.
+
+The BSD License
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/deps/npm/node_modules/read-installed/package.json b/deps/npm/node_modules/read-installed/package.json
index b122b54af..ef7b2c1cf 100644
--- a/deps/npm/node_modules/read-installed/package.json
+++ b/deps/npm/node_modules/read-installed/package.json
@@ -1,7 +1,7 @@
 {
   "name": "read-installed",
   "description": "Read all the installed packages in a folder, and return a tree structure with all the data.",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "repository": {
     "type": "git",
     "url": "git://github.com/isaacs/read-installed"
@@ -11,7 +11,7 @@
     "test": "node test/basic.js"
   },
   "dependencies": {
-    "semver": "~1.0.14",
+    "semver": "1.x",
     "slide": "~1.1.3",
     "read-package-json": "0",
     "graceful-fs": "~1.1.8",
@@ -27,6 +27,6 @@
     "url": "http://blog.izs.me/"
   },
   "readme": "# read-installed\n\nRead all the installed packages in a folder, and return a tree\nstructure with all the data.\n\nnpm uses this.\n\n## Usage\n\n```javascript\nvar readInstalled = require(\"read-installed\")\n// depth is optional, defaults to Infinity\nreadInstalled(folder, depth, function (er, data) {\n  ...\n})\n```\n",
-  "_id": "read-installed@0.0.2",
+  "_id": "read-installed@0.0.3",
   "_from": "read-installed@0"
 }
diff --git a/deps/npm/node_modules/read-package-json/LICENSE b/deps/npm/node_modules/read-package-json/LICENSE
new file mode 100644
index 000000000..0c44ae716
--- /dev/null
+++ b/deps/npm/node_modules/read-package-json/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) Isaac Z. Schlueter ("Author")
+All rights reserved.
+
+The BSD License
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/deps/npm/node_modules/read-package-json/package.json b/deps/npm/node_modules/read-package-json/package.json
index ea40d7619..16b05ec87 100644
--- a/deps/npm/node_modules/read-package-json/package.json
+++ b/deps/npm/node_modules/read-package-json/package.json
@@ -1,6 +1,6 @@
 {
   "name": "read-package-json",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "author": {
     "name": "Isaac Z. Schlueter",
     "email": "i@izs.me",
@@ -18,7 +18,7 @@
   "dependencies": {
     "glob": "~3.1.9",
     "lru-cache": "~2.0.0",
-    "semver": "~1.0.14",
+    "semver": "1.x",
     "slide": "~1.1.3",
     "npmlog": "0",
     "graceful-fs": "~1.1.8"
@@ -31,6 +31,6 @@
     "graceful-fs": "~1.1.8"
   },
   "readme": "# read-package-json\n\nThis is the thing that npm uses to read package.json files.  It\nvalidates some stuff, and loads some default things.\n\nIt keeps a cache of the files you've read, so that you don't end\nup reading the same package.json file multiple times.\n\nNote that if you just want to see what's literally in the package.json\nfile, you can usually do `var data = require('some-module/package.json')`.\n\nThis module is basically only needed by npm, but it's handy to see what\nnpm will see when it looks at your package.\n\n## Usage\n\n```javascript\nvar readJson = require('read-package-json')\n\nreadJson('/path/to/package.json', function (er, data) {\n  if (er) {\n    console.error(\"There was an error reading the file\")\n    return\n  }\n\n  console.error('the package data is', data)\n}\n```\n\n## readJson(file, cb)\n\n* `file` {String} The path to the package.json file\n* `cb` {Function}\n\nReads the JSON file and does the things.\n\n## `package.json` Fields\n\nSee `man 5 package.json` or `npm help json`.\n\n## readJson.log\n\nBy default this is a reference to the `npmlog` module.  But if that\nmodule can't be found, then it'll be set to just a dummy thing that does\nnothing.\n\nReplace with your own `{log,warn,error}` object for fun loggy time.\n\n## readJson.extras(file, data, cb)\n\nRun all the extra stuff relative to the file, with the parsed data.\n\nModifies the data as it does stuff.  Calls the cb when it's done.\n\n## readJson.extraSet = [fn, fn, ...]\n\nArray of functions that are called by `extras`.  Each one receives the\narguments `fn(file, data, cb)` and is expected to call `cb(er, data)`\nwhen done or when an error occurs.\n\nOrder is indeterminate, so each function should be completely\nindependent.\n\nMix and match!\n\n## readJson.cache\n\nThe `lru-cache` object that readJson uses to not read the same file over\nand over again.  See\n[lru-cache](https://github.com/isaacs/node-lru-cache) for details.\n\n## Other Relevant Files Besides `package.json`\n\nSome other files have an effect on the resulting data object, in the\nfollowing ways:\n\n### `README?(.*)`\n\nIf there is a `README` or `README.*` file present, then npm will attach\na `readme` field to the data with the contents of this file.\n\nOwing to the fact that roughly 100% of existing node modules have\nMarkdown README files, it will generally be assumed to be Markdown,\nregardless of the extension.  Please plan accordingly.\n\n### `server.js`\n\nIf there is a `server.js` file, and there is not already a\n`scripts.start` field, then `scripts.start` will be set to `node\nserver.js`.\n\n### `AUTHORS`\n\nIf there is not already a `contributors` field, then the `contributors`\nfield will be set to the contents of the `AUTHORS` file, split by lines,\nand parsed.\n\n### `bindings.gyp`\n\nIf a bindings.gyp file exists, and there is not already a\n`scripts.install` field, then the `scripts.install` field will be set to\n`node-gyp rebuild`.\n\n### `wscript`\n\nIf a wscript file exists, and there is not already a `scripts.install`\nfield, then the `scripts.install` field will be set to `node-waf clean ;\nnode-waf configure build`.\n\nNote that the `bindings.gyp` file supercedes this, since node-waf has\nbeen deprecated in favor of node-gyp.\n\n### `index.js`\n\nIf the json file does not exist, but there is a `index.js` file\npresent instead, and that file has a package comment, then it will try\nto parse the package comment, and use that as the data instead.\n\nA package comment looks like this:\n\n```javascript\n/**package\n * { \"name\": \"my-bare-module\"\n * , \"version\": \"1.2.3\"\n * , \"description\": \"etc....\" }\n **/\n\n// or...\n\n/**package\n{ \"name\": \"my-bare-module\"\n, \"version\": \"1.2.3\"\n, \"description\": \"etc....\" }\n**/\n```\n\nThe important thing is that it starts with `/**package`, and ends with\n`**/`.  If the package.json file exists, then the index.js is not\nparsed.\n\n### `{directories.man}/*.[0-9]`\n\nIf there is not already a `man` field defined as an array of files or a\nsingle file, and\nthere is a `directories.man` field defined, then that directory will\nbe searched for manpages.\n\nAny valid manpages found in that directory will be assigned to the `man`\narray, and installed in the appropriate man directory at package install\ntime, when installed globally on a Unix system.\n\n### `{directories.bin}/*`\n\nIf there is not already a `bin` field defined as a string filename or a\nhash of `<name> : <filename>` pairs, then the `directories.bin`\ndirectory will be searched and all the files within it will be linked as\nexecutables at install time.\n\nWhen installing locally, npm links bins into `node_modules/.bin`, which\nis in the `PATH` environ when npm runs scripts.  When\ninstalling globally, they are linked into `{prefix}/bin`, which is\npresumably in the `PATH` environment variable.\n",
-  "_id": "read-package-json@0.1.5",
+  "_id": "read-package-json@0.1.7",
   "_from": "read-package-json@~0.1.3"
 }
diff --git a/deps/npm/node_modules/read-package-json/read-json.js b/deps/npm/node_modules/read-package-json/read-json.js
index b8b940ea7..cfe5c6949 100644
--- a/deps/npm/node_modules/read-package-json/read-json.js
+++ b/deps/npm/node_modules/read-package-json/read-json.js
@@ -227,9 +227,13 @@ function readmeDescription (file, data) {
 function readme (file, data, cb) {
                 if (data.readme) return cb(null, data);
                 var dir = path.dirname(file)
-                var globOpts = { cwd: dir, nocase: true }
+                var globOpts = { cwd: dir, nocase: true, mark: true }
                 glob("README?(.*)", globOpts, function (er, files) {
                                 if (er) return cb(er);
+                                // don't accept directories.
+                                files = files.filter(function (file) {
+                                                return !file.match(/\/$/)
+                                })
                                 if (!files.length) return cb();
                                 var rm = path.resolve(dir, files[0])
                                 readme_(file, data, rm, cb)
@@ -237,6 +241,8 @@ function readme (file, data, cb) {
 }
 function readme_(file, data, rm, cb) {
                 fs.readFile(rm, "utf8", function (er, rm) {
+                                // maybe not readable, or something.
+                                if (er) return cb()
                                 data.readme = rm
                                 return cb(er, data)
                 })
diff --git a/deps/npm/node_modules/semver/package.json b/deps/npm/node_modules/semver/package.json
index d89625fe1..da4f78b2c 100644
--- a/deps/npm/node_modules/semver/package.json
+++ b/deps/npm/node_modules/semver/package.json
@@ -1,6 +1,6 @@
 {
   "name": "semver",
-  "version": "1.0.14",
+  "version": "1.1.0",
   "description": "The semantic version parser used by npm.",
   "main": "semver.js",
   "scripts": {
@@ -20,19 +20,7 @@
   "bin": {
     "semver": "./bin/semver"
   },
-  "_npmUser": {
-    "name": "isaacs",
-    "email": "i@izs.me"
-  },
-  "_id": "semver@1.0.14",
-  "dependencies": {},
-  "optionalDependencies": {},
-  "engines": {
-    "node": "*"
-  },
-  "_engineSupported": true,
-  "_npmVersion": "1.1.22",
-  "_nodeVersion": "v0.7.9",
-  "_defaultsLoaded": true,
-  "_from": "semver@1"
+  "readme": "semver(1) -- The semantic versioner for npm\n===========================================\n\n## Usage\n\n    $ npm install semver\n\n    semver.valid('1.2.3') // true\n    semver.valid('a.b.c') // false\n    semver.clean('  =v1.2.3   ') // '1.2.3'\n    semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true\n    semver.gt('1.2.3', '9.8.7') // false\n    semver.lt('1.2.3', '9.8.7') // true\n\nAs a command-line utility:\n\n    $ semver -h\n\n    Usage: semver -v <version> [-r <range>]\n    Test if version(s) satisfy the supplied range(s),\n    and sort them.\n\n    Multiple versions or ranges may be supplied.\n\n    Program exits successfully if any valid version satisfies\n    all supplied ranges, and prints all satisfying versions.\n\n    If no versions are valid, or ranges are not satisfied,\n    then exits failure.\n\n    Versions are printed in ascending order, so supplying\n    multiple versions to the utility will just sort them.\n\n## Versions\n\nA version is the following things, in this order:\n\n* a number (Major)\n* a period\n* a number (minor)\n* a period\n* a number (patch)\n* OPTIONAL: a hyphen, followed by a number (build)\n* OPTIONAL: a collection of pretty much any non-whitespace characters\n  (tag)\n\nA leading `\"=\"` or `\"v\"` character is stripped off and ignored.\n\n## Comparisons\n\nThe ordering of versions is done using the following algorithm, given\ntwo versions and asked to find the greater of the two:\n\n* If the majors are numerically different, then take the one\n  with a bigger major number. `2.3.4 > 1.3.4`\n* If the minors are numerically different, then take the one\n  with the bigger minor number. `2.3.4 > 2.2.4`\n* If the patches are numerically different, then take the one with the\n  bigger patch number. `2.3.4 > 2.3.3`\n* If only one of them has a build number, then take the one with the\n  build number.  `2.3.4-0 > 2.3.4`\n* If they both have build numbers, and the build numbers are numerically\n  different, then take the one with the bigger build number.\n  `2.3.4-10 > 2.3.4-9`\n* If only one of them has a tag, then take the one without the tag.\n  `2.3.4 > 2.3.4-beta`\n* If they both have tags, then take the one with the lexicographically\n  larger tag.  `2.3.4-beta > 2.3.4-alpha`\n* At this point, they're equal.\n\n## Ranges\n\nThe following range styles are supported:\n\n* `>1.2.3` Greater than a specific version.\n* `<1.2.3` Less than\n* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`\n* `~1.2.3` := `>=1.2.3 <1.3.0`\n* `~1.2` := `>=1.2.0 <2.0.0`\n* `~1` := `>=1.0.0 <2.0.0`\n* `1.2.x` := `>=1.2.0 <1.3.0`\n* `1.x` := `>=1.0.0 <2.0.0`\n\nRanges can be joined with either a space (which implies \"and\") or a\n`||` (which implies \"or\").\n\n## Functions\n\n* valid(v): Return the parsed version, or null if it's not valid.\n* inc(v, release): Return the version incremented by the release type\n  (major, minor, patch, or build), or null if it's not valid.\n\n### Comparison\n\n* gt(v1, v2): `v1 > v2`\n* gte(v1, v2): `v1 >= v2`\n* lt(v1, v2): `v1 < v2`\n* lte(v1, v2): `v1 <= v2`\n* eq(v1, v2): `v1 == v2` This is true if they're logically equivalent,\n  even if they're not the exact same string.  You already know how to\n  compare strings.\n* neq(v1, v2): `v1 != v2` The opposite of eq.\n* cmp(v1, comparator, v2): Pass in a comparison string, and it'll call\n  the corresponding function above.  `\"===\"` and `\"!==\"` do simple\n  string comparison, but are included for completeness.  Throws if an\n  invalid comparison string is provided.\n* compare(v1, v2): Return 0 if v1 == v2, or 1 if v1 is greater, or -1 if\n  v2 is greater.  Sorts in ascending order if passed to Array.sort().\n* rcompare(v1, v2): The reverse of compare.  Sorts an array of versions\n  in descending order when passed to Array.sort().\n\n\n### Ranges\n\n* validRange(range): Return the valid range or null if it's not valid\n* satisfies(version, range): Return true if the version satisfies the\n  range.\n* maxSatisfying(versions, range): Return the highest version in the list\n  that satisfies the range, or null if none of them do.\n",
+  "_id": "semver@1.1.0",
+  "_from": "semver@latest"
 }
diff --git a/deps/npm/node_modules/semver/semver.js b/deps/npm/node_modules/semver/semver.js
index 8090e0c0d..3702a7b5d 100644
--- a/deps/npm/node_modules/semver/semver.js
+++ b/deps/npm/node_modules/semver/semver.js
@@ -4,11 +4,11 @@
 // This implementation is a *hair* less strict in that it allows
 // v1.2.3 things, and also tags that don't begin with a char.
 
-var semver = "\\s*[v=]*\\s*([0-9]+)"                // major
+var semver = "\\s*[v=]*\\s*([0-9]+)"        // major
            + "\\.([0-9]+)"                  // minor
            + "\\.([0-9]+)"                  // patch
            + "(-[0-9]+-?)?"                 // build
-           + "([a-zA-Z-][a-zA-Z0-9-\.:]*)?" // tag
+           + "([a-zA-Z-+][a-zA-Z0-9-\.:]*)?" // tag
   , exprComparator = "^((<|>)?=?)\s*("+semver+")$|^$"
   , xRangePlain = "[v=]*([0-9]+|x|X|\\*)"
                 + "(?:\\.([0-9]+|x|X|\\*)"
diff --git a/deps/npm/node_modules/semver/test.js b/deps/npm/node_modules/semver/test.js
new file mode 100644
index 000000000..1d8114074
--- /dev/null
+++ b/deps/npm/node_modules/semver/test.js
@@ -0,0 +1,406 @@
+var tap = require("tap")
+  , test = tap.test
+  , semver = require("./semver.js")
+  , eq = semver.eq
+  , gt = semver.gt
+  , lt = semver.lt
+  , neq = semver.neq
+  , cmp = semver.cmp
+  , gte = semver.gte
+  , lte = semver.lte
+  , satisfies = semver.satisfies
+  , validRange = semver.validRange
+  , inc = semver.inc
+  , replaceStars = semver.replaceStars
+  , toComparators = semver.toComparators
+
+tap.plan(8)
+
+test("\ncomparison tests", function (t) {
+; [ ["0.0.0", "0.0.0foo"]
+  , ["0.0.1", "0.0.0"]
+  , ["1.0.0", "0.9.9"]
+  , ["0.10.0", "0.9.0"]
+  , ["0.99.0", "0.10.0"]
+  , ["2.0.0", "1.2.3"]
+  , ["v0.0.0", "0.0.0foo"]
+  , ["v0.0.1", "0.0.0"]
+  , ["v1.0.0", "0.9.9"]
+  , ["v0.10.0", "0.9.0"]
+  , ["v0.99.0", "0.10.0"]
+  , ["v2.0.0", "1.2.3"]
+  , ["0.0.0", "v0.0.0foo"]
+  , ["0.0.1", "v0.0.0"]
+  , ["1.0.0", "v0.9.9"]
+  , ["0.10.0", "v0.9.0"]
+  , ["0.99.0", "v0.10.0"]
+  , ["2.0.0", "v1.2.3"]
+  , ["1.2.3", "1.2.3-asdf"]
+  , ["1.2.3-4", "1.2.3"]
+  , ["1.2.3-4-foo", "1.2.3"]
+  , ["1.2.3-5", "1.2.3-5-foo"]
+  , ["1.2.3-5", "1.2.3-4"]
+  , ["1.2.3-5-foo", "1.2.3-5-Foo"]
+  , ["3.0.0", "2.7.2+"]
+  ].forEach(function (v) {
+    var v0 = v[0]
+      , v1 = v[1]
+    t.ok(gt(v0, v1), "gt('"+v0+"', '"+v1+"')")
+    t.ok(lt(v1, v0), "lt('"+v1+"', '"+v0+"')")
+    t.ok(!gt(v1, v0), "!gt('"+v1+"', '"+v0+"')")
+    t.ok(!lt(v0, v1), "!lt('"+v0+"', '"+v1+"')")
+    t.ok(eq(v0, v0), "eq('"+v0+"', '"+v0+"')")
+    t.ok(eq(v1, v1), "eq('"+v1+"', '"+v1+"')")
+    t.ok(neq(v0, v1), "neq('"+v0+"', '"+v1+"')")
+    t.ok(cmp(v1, "==", v1), "cmp('"+v1+"' == '"+v1+"')")
+    t.ok(cmp(v0, ">=", v1), "cmp('"+v0+"' >= '"+v1+"')")
+    t.ok(cmp(v1, "<=", v0), "cmp('"+v1+"' <= '"+v0+"')")
+    t.ok(cmp(v0, "!=", v1), "cmp('"+v0+"' != '"+v1+"')")
+  })
+  t.end()
+})
+
+test("\nequality tests", function (t) {
+; [ ["1.2.3", "v1.2.3"]
+  , ["1.2.3", "=1.2.3"]
+  , ["1.2.3", "v 1.2.3"]
+  , ["1.2.3", "= 1.2.3"]
+  , ["1.2.3", " v1.2.3"]
+  , ["1.2.3", " =1.2.3"]
+  , ["1.2.3", " v 1.2.3"]
+  , ["1.2.3", " = 1.2.3"]
+  , ["1.2.3-0", "v1.2.3-0"]
+  , ["1.2.3-0", "=1.2.3-0"]
+  , ["1.2.3-0", "v 1.2.3-0"]
+  , ["1.2.3-0", "= 1.2.3-0"]
+  , ["1.2.3-0", " v1.2.3-0"]
+  , ["1.2.3-0", " =1.2.3-0"]
+  , ["1.2.3-0", " v 1.2.3-0"]
+  , ["1.2.3-0", " = 1.2.3-0"]
+  , ["1.2.3-01", "v1.2.3-1"]
+  , ["1.2.3-01", "=1.2.3-1"]
+  , ["1.2.3-01", "v 1.2.3-1"]
+  , ["1.2.3-01", "= 1.2.3-1"]
+  , ["1.2.3-01", " v1.2.3-1"]
+  , ["1.2.3-01", " =1.2.3-1"]
+  , ["1.2.3-01", " v 1.2.3-1"]
+  , ["1.2.3-01", " = 1.2.3-1"]
+  , ["1.2.3beta", "v1.2.3beta"]
+  , ["1.2.3beta", "=1.2.3beta"]
+  , ["1.2.3beta", "v 1.2.3beta"]
+  , ["1.2.3beta", "= 1.2.3beta"]
+  , ["1.2.3beta", " v1.2.3beta"]
+  , ["1.2.3beta", " =1.2.3beta"]
+  , ["1.2.3beta", " v 1.2.3beta"]
+  , ["1.2.3beta", " = 1.2.3beta"]
+  ].forEach(function (v) {
+    var v0 = v[0]
+      , v1 = v[1]
+    t.ok(eq(v0, v1), "eq('"+v0+"', '"+v1+"')")
+    t.ok(!neq(v0, v1), "!neq('"+v0+"', '"+v1+"')")
+    t.ok(cmp(v0, "==", v1), "cmp("+v0+"=="+v1+")")
+    t.ok(!cmp(v0, "!=", v1), "!cmp("+v0+"!="+v1+")")
+    t.ok(!cmp(v0, "===", v1), "!cmp("+v0+"==="+v1+")")
+    t.ok(cmp(v0, "!==", v1), "cmp("+v0+"!=="+v1+")")
+    t.ok(!gt(v0, v1), "!gt('"+v0+"', '"+v1+"')")
+    t.ok(gte(v0, v1), "gte('"+v0+"', '"+v1+"')")
+    t.ok(!lt(v0, v1), "!lt('"+v0+"', '"+v1+"')")
+    t.ok(lte(v0, v1), "lte('"+v0+"', '"+v1+"')")
+  })
+  t.end()
+})
+
+
+test("\nrange tests", function (t) {
+; [ ["1.0.0 - 2.0.0", "1.2.3"]
+  , ["1.0.0", "1.0.0"]
+  , [">=*", "0.2.4"]
+  , ["", "1.0.0"]
+  , ["*", "1.2.3"]
+  , ["*", "v1.2.3-foo"]
+  , [">=1.0.0", "1.0.0"]
+  , [">=1.0.0", "1.0.1"]
+  , [">=1.0.0", "1.1.0"]
+  , [">1.0.0", "1.0.1"]
+  , [">1.0.0", "1.1.0"]
+  , ["<=2.0.0", "2.0.0"]
+  , ["<=2.0.0", "1.9999.9999"]
+  , ["<=2.0.0", "0.2.9"]
+  , ["<2.0.0", "1.9999.9999"]
+  , ["<2.0.0", "0.2.9"]
+  , [">= 1.0.0", "1.0.0"]
+  , [">=  1.0.0", "1.0.1"]
+  , [">=   1.0.0", "1.1.0"]
+  , ["> 1.0.0", "1.0.1"]
+  , [">  1.0.0", "1.1.0"]
+  , ["<=   2.0.0", "2.0.0"]
+  , ["<= 2.0.0", "1.9999.9999"]
+  , ["<=  2.0.0", "0.2.9"]
+  , ["<    2.0.0", "1.9999.9999"]
+  , ["<\t2.0.0", "0.2.9"]
+  , [">=0.1.97", "v0.1.97"]
+  , [">=0.1.97", "0.1.97"]
+  , ["0.1.20 || 1.2.4", "1.2.4"]
+  , [">=0.2.3 || <0.0.1", "0.0.0"]
+  , [">=0.2.3 || <0.0.1", "0.2.3"]
+  , [">=0.2.3 || <0.0.1", "0.2.4"]
+  , ["||", "1.3.4"]
+  , ["2.x.x", "2.1.3"]
+  , ["1.2.x", "1.2.3"]
+  , ["1.2.x || 2.x", "2.1.3"]
+  , ["1.2.x || 2.x", "1.2.3"]
+  , ["x", "1.2.3"]
+  , ["2.*.*", "2.1.3"]
+  , ["1.2.*", "1.2.3"]
+  , ["1.2.* || 2.*", "2.1.3"]
+  , ["1.2.* || 2.*", "1.2.3"]
+  , ["*", "1.2.3"]
+  , ["2", "2.1.2"]
+  , ["2.3", "2.3.1"]
+  , ["~2.4", "2.4.0"] // >=2.4.0 <2.5.0
+  , ["~2.4", "2.4.5"]
+  , ["~>3.2.1", "3.2.2"] // >=3.2.1 <3.3.0
+  , ["~1", "1.2.3"] // >=1.0.0 <2.0.0
+  , ["~>1", "1.2.3"]
+  , ["~> 1", "1.2.3"]
+  , ["~1.0", "1.0.2"] // >=1.0.0 <1.1.0
+  , ["~ 1.0", "1.0.2"]
+  , [">=1", "1.0.0"]
+  , [">= 1", "1.0.0"]
+  , ["<1.2", "1.1.1"]
+  , ["< 1.2", "1.1.1"]
+  , ["1", "1.0.0beta"]
+  , ["~v0.5.4-pre", "0.5.5"]
+  , ["~v0.5.4-pre", "0.5.4"]
+  , ["=0.7.x", "0.7.2"]
+  , [">=0.7.x", "0.7.2"]
+  , ["=0.7.x", "0.7.0-asdf"]
+  , [">=0.7.x", "0.7.0-asdf"]
+  , ["<=0.7.x", "0.6.2"]
+  ].forEach(function (v) {
+    t.ok(satisfies(v[1], v[0]), v[0]+" satisfied by "+v[1])
+  })
+  t.end()
+})
+
+test("\nnegative range tests", function (t) {
+; [ ["1.0.0 - 2.0.0", "2.2.3"]
+  , ["1.0.0", "1.0.1"]
+  , [">=1.0.0", "0.0.0"]
+  , [">=1.0.0", "0.0.1"]
+  , [">=1.0.0", "0.1.0"]
+  , [">1.0.0", "0.0.1"]
+  , [">1.0.0", "0.1.0"]
+  , ["<=2.0.0", "3.0.0"]
+  , ["<=2.0.0", "2.9999.9999"]
+  , ["<=2.0.0", "2.2.9"]
+  , ["<2.0.0", "2.9999.9999"]
+  , ["<2.0.0", "2.2.9"]
+  , [">=0.1.97", "v0.1.93"]
+  , [">=0.1.97", "0.1.93"]
+  , ["0.1.20 || 1.2.4", "1.2.3"]
+  , [">=0.2.3 || <0.0.1", "0.0.3"]
+  , [">=0.2.3 || <0.0.1", "0.2.2"]
+  , ["2.x.x", "1.1.3"]
+  , ["2.x.x", "3.1.3"]
+  , ["1.2.x", "1.3.3"]
+  , ["1.2.x || 2.x", "3.1.3"]
+  , ["1.2.x || 2.x", "1.1.3"]
+  , ["2.*.*", "1.1.3"]
+  , ["2.*.*", "3.1.3"]
+  , ["1.2.*", "1.3.3"]
+  , ["1.2.* || 2.*", "3.1.3"]
+  , ["1.2.* || 2.*", "1.1.3"]
+  , ["2", "1.1.2"]
+  , ["2.3", "2.4.1"]
+  , ["~2.4", "2.5.0"] // >=2.4.0 <2.5.0
+  , ["~2.4", "2.3.9"]
+  , ["~>3.2.1", "3.3.2"] // >=3.2.1 <3.3.0
+  , ["~>3.2.1", "3.2.0"] // >=3.2.1 <3.3.0
+  , ["~1", "0.2.3"] // >=1.0.0 <2.0.0
+  , ["~>1", "2.2.3"]
+  , ["~1.0", "1.1.0"] // >=1.0.0 <1.1.0
+  , ["<1", "1.0.0"]
+  , [">=1.2", "1.1.1"]
+  , ["1", "2.0.0beta"]
+  , ["~v0.5.4-beta", "0.5.4-alpha"]
+  , ["<1", "1.0.0beta"]
+  , ["< 1", "1.0.0beta"]
+  , ["=0.7.x", "0.8.2"]
+  , [">=0.7.x", "0.6.2"]
+  , ["<=0.7.x", "0.7.2"]
+  ].forEach(function (v) {
+    t.ok(!satisfies(v[1], v[0]), v[0]+" not satisfied by "+v[1])
+  })
+  t.end()
+})
+
+test("\nincrement versions test", function (t) {
+; [ [ "1.2.3",   "major", "2.0.0"   ]
+  , [ "1.2.3",   "minor", "1.3.0"   ]
+  , [ "1.2.3",   "patch", "1.2.4"   ]
+  , [ "1.2.3",   "build", "1.2.3-1" ]
+  , [ "1.2.3-4", "build", "1.2.3-5" ]
+  , [ "1.2.3tag",    "major", "2.0.0"   ]
+  , [ "1.2.3-tag",   "major", "2.0.0"   ]
+  , [ "1.2.3tag",    "build", "1.2.3-1" ]
+  , [ "1.2.3-tag",   "build", "1.2.3-1" ]
+  , [ "1.2.3-4-tag", "build", "1.2.3-5" ]
+  , [ "1.2.3-4tag",  "build", "1.2.3-5" ]
+  , [ "1.2.3", "fake",  null ]
+  , [ "fake",  "major", null ]
+  ].forEach(function (v) {
+    t.equal(inc(v[0], v[1]), v[2], "inc("+v[0]+", "+v[1]+") === "+v[2])
+  })
+
+  t.end()
+})
+
+test("\nreplace stars test", function (t) {
+; [ [ "", "" ]
+  , [ "*", "" ]
+  , [ "> *", "" ]
+  , [ "<*", "" ]
+  , [ " >=  *", "" ]
+  , [ "* || 1.2.3", " || 1.2.3" ]
+  ].forEach(function (v) {
+    t.equal(replaceStars(v[0]), v[1], "replaceStars("+v[0]+") === "+v[1])
+  })
+
+  t.end()
+})
+
+test("\nvalid range test", function (t) {
+; [ ["1.0.0 - 2.0.0", ">=1.0.0 <=2.0.0"]
+  , ["1.0.0", "1.0.0"]
+  , [">=*", ""]
+  , ["", ""]
+  , ["*", ""]
+  , ["*", ""]
+  , [">=1.0.0", ">=1.0.0"]
+  , [">1.0.0", ">1.0.0"]
+  , ["<=2.0.0", "<=2.0.0"]
+  , ["1", ">=1.0.0- <2.0.0-"]
+  , ["<=2.0.0", "<=2.0.0"]
+  , ["<=2.0.0", "<=2.0.0"]
+  , ["<2.0.0", "<2.0.0"]
+  , ["<2.0.0", "<2.0.0"]
+  , [">= 1.0.0", ">=1.0.0"]
+  , [">=  1.0.0", ">=1.0.0"]
+  , [">=   1.0.0", ">=1.0.0"]
+  , ["> 1.0.0", ">1.0.0"]
+  , [">  1.0.0", ">1.0.0"]
+  , ["<=   2.0.0", "<=2.0.0"]
+  , ["<= 2.0.0", "<=2.0.0"]
+  , ["<=  2.0.0", "<=2.0.0"]
+  , ["<    2.0.0", "<2.0.0"]
+  , ["<	2.0.0", "<2.0.0"]
+  , [">=0.1.97", ">=0.1.97"]
+  , [">=0.1.97", ">=0.1.97"]
+  , ["0.1.20 || 1.2.4", "0.1.20||1.2.4"]
+  , [">=0.2.3 || <0.0.1", ">=0.2.3||<0.0.1"]
+  , [">=0.2.3 || <0.0.1", ">=0.2.3||<0.0.1"]
+  , [">=0.2.3 || <0.0.1", ">=0.2.3||<0.0.1"]
+  , ["||", "||"]
+  , ["2.x.x", ">=2.0.0- <3.0.0-"]
+  , ["1.2.x", ">=1.2.0- <1.3.0-"]
+  , ["1.2.x || 2.x", ">=1.2.0- <1.3.0-||>=2.0.0- <3.0.0-"]
+  , ["1.2.x || 2.x", ">=1.2.0- <1.3.0-||>=2.0.0- <3.0.0-"]
+  , ["x", ""]
+  , ["2.*.*", null]
+  , ["1.2.*", null]
+  , ["1.2.* || 2.*", null]
+  , ["1.2.* || 2.*", null]
+  , ["*", ""]
+  , ["2", ">=2.0.0- <3.0.0-"]
+  , ["2.3", ">=2.3.0- <2.4.0-"]
+  , ["~2.4", ">=2.4.0- <2.5.0-"]
+  , ["~2.4", ">=2.4.0- <2.5.0-"]
+  , ["~>3.2.1", ">=3.2.1- <3.3.0-"]
+  , ["~1", ">=1.0.0- <2.0.0-"]
+  , ["~>1", ">=1.0.0- <2.0.0-"]
+  , ["~> 1", ">=1.0.0- <2.0.0-"]
+  , ["~1.0", ">=1.0.0- <1.1.0-"]
+  , ["~ 1.0", ">=1.0.0- <1.1.0-"]
+  , ["<1", "<1.0.0-"]
+  , ["< 1", "<1.0.0-"]
+  , [">=1", ">=1.0.0-"]
+  , [">= 1", ">=1.0.0-"]
+  , ["<1.2", "<1.2.0-"]
+  , ["< 1.2", "<1.2.0-"]
+  , ["1", ">=1.0.0- <2.0.0-"]
+  ].forEach(function (v) {
+    t.equal(validRange(v[0]), v[1], "validRange("+v[0]+") === "+v[1])
+  })
+
+  t.end()
+})
+
+test("\ncomparators test", function (t) {
+; [ ["1.0.0 - 2.0.0", [[">=1.0.0", "<=2.0.0"]] ]
+  , ["1.0.0", [["1.0.0"]] ]
+  , [">=*", [[">=0.0.0-"]] ]
+  , ["", [[""]]]
+  , ["*", [[""]] ]
+  , ["*", [[""]] ]
+  , [">=1.0.0", [[">=1.0.0"]] ]
+  , [">=1.0.0", [[">=1.0.0"]] ]
+  , [">=1.0.0", [[">=1.0.0"]] ]
+  , [">1.0.0", [[">1.0.0"]] ]
+  , [">1.0.0", [[">1.0.0"]] ]
+  , ["<=2.0.0", [["<=2.0.0"]] ]
+  , ["1", [[">=1.0.0-", "<2.0.0-"]] ]
+  , ["<=2.0.0", [["<=2.0.0"]] ]
+  , ["<=2.0.0", [["<=2.0.0"]] ]
+  , ["<2.0.0", [["<2.0.0"]] ]
+  , ["<2.0.0", [["<2.0.0"]] ]
+  , [">= 1.0.0", [[">=1.0.0"]] ]
+  , [">=  1.0.0", [[">=1.0.0"]] ]
+  , [">=   1.0.0", [[">=1.0.0"]] ]
+  , ["> 1.0.0", [[">1.0.0"]] ]
+  , [">  1.0.0", [[">1.0.0"]] ]
+  , ["<=   2.0.0", [["<=2.0.0"]] ]
+  , ["<= 2.0.0", [["<=2.0.0"]] ]
+  , ["<=  2.0.0", [["<=2.0.0"]] ]
+  , ["<    2.0.0", [["<2.0.0"]] ]
+  , ["<\t2.0.0", [["<2.0.0"]] ]
+  , [">=0.1.97", [[">=0.1.97"]] ]
+  , [">=0.1.97", [[">=0.1.97"]] ]
+  , ["0.1.20 || 1.2.4", [["0.1.20"], ["1.2.4"]] ]
+  , [">=0.2.3 || <0.0.1", [[">=0.2.3"], ["<0.0.1"]] ]
+  , [">=0.2.3 || <0.0.1", [[">=0.2.3"], ["<0.0.1"]] ]
+  , [">=0.2.3 || <0.0.1", [[">=0.2.3"], ["<0.0.1"]] ]
+  , ["||", [[""], [""]] ]
+  , ["2.x.x", [[">=2.0.0-", "<3.0.0-"]] ]
+  , ["1.2.x", [[">=1.2.0-", "<1.3.0-"]] ]
+  , ["1.2.x || 2.x", [[">=1.2.0-", "<1.3.0-"], [">=2.0.0-", "<3.0.0-"]] ]
+  , ["1.2.x || 2.x", [[">=1.2.0-", "<1.3.0-"], [">=2.0.0-", "<3.0.0-"]] ]
+  , ["x", [[""]] ]
+  , ["2.*.*", [[">=2.0.0-", "<3.0.0-"]] ]
+  , ["1.2.*", [[">=1.2.0-", "<1.3.0-"]] ]
+  , ["1.2.* || 2.*", [[">=1.2.0-", "<1.3.0-"], [">=2.0.0-", "<3.0.0-"]] ]
+  , ["1.2.* || 2.*", [[">=1.2.0-", "<1.3.0-"], [">=2.0.0-", "<3.0.0-"]] ]
+  , ["*", [[""]] ]
+  , ["2", [[">=2.0.0-", "<3.0.0-"]] ]
+  , ["2.3", [[">=2.3.0-", "<2.4.0-"]] ]
+  , ["~2.4", [[">=2.4.0-", "<2.5.0-"]] ]
+  , ["~2.4", [[">=2.4.0-", "<2.5.0-"]] ]
+  , ["~>3.2.1", [[">=3.2.1-", "<3.3.0-"]] ]
+  , ["~1", [[">=1.0.0-", "<2.0.0-"]] ]
+  , ["~>1", [[">=1.0.0-", "<2.0.0-"]] ]
+  , ["~> 1", [[">=1.0.0-", "<2.0.0-"]] ]
+  , ["~1.0", [[">=1.0.0-", "<1.1.0-"]] ]
+  , ["~ 1.0", [[">=1.0.0-", "<1.1.0-"]] ]
+  , ["<1", [["<1.0.0-"]] ]
+  , ["< 1", [["<1.0.0-"]] ]
+  , [">=1", [[">=1.0.0-"]] ]
+  , [">= 1", [[">=1.0.0-"]] ]
+  , ["<1.2", [["<1.2.0-"]] ]
+  , ["< 1.2", [["<1.2.0-"]] ]
+  , ["1", [[">=1.0.0-", "<2.0.0-"]] ]
+  ].forEach(function (v) {
+    t.equivalent(toComparators(v[0]), v[1], "toComparators("+v[0]+") === "+JSON.stringify(v[1]))
+  })
+
+  t.end()
+})