* first action! (#1)

node_modules/pacote/lib/fetchers/alias.js

@@ -0,0 +1,24 @@
+'use strict'
+
+const Fetcher = require('../fetch')
+const fetchRegistry = require('./registry')
+
+const fetchRemote = module.exports = Object.create(null)
+
+Fetcher.impl(fetchRemote, {
+  packument (spec, opts) {
+    return fetchRegistry.packument(spec.subSpec, opts)
+  },
+
+  manifest (spec, opts) {
+    return fetchRegistry.manifest(spec.subSpec, opts)
+  },
+
+  tarball (spec, opts) {
+    return fetchRegistry.tarball(spec.subSpec, opts)
+  },
+
+  fromManifest (manifest, spec, opts) {
+    return fetchRegistry.fromManifest(manifest, spec.subSpec, opts)
+  }
+})

node_modules/pacote/lib/fetchers/directory.js

@@ -0,0 +1,88 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const Fetcher = require('../fetch')
+const glob = BB.promisify(require('glob'))
+const packDir = require('../util/pack-dir')
+const readJson = require('../util/read-json')
+const path = require('path')
+const pipe = BB.promisify(require('mississippi').pipe)
+const through = require('mississippi').through
+
+const readFileAsync = BB.promisify(require('fs').readFile)
+
+const fetchDirectory = module.exports = Object.create(null)
+
+Fetcher.impl(fetchDirectory, {
+  packument (spec, opts) {
+    return this.manifest(spec, opts).then(manifest => {
+      return Object.assign({}, manifest, {
+        'dist-tags': {
+          'latest': manifest.version
+        },
+        time: {
+          [manifest.version]: (new Date()).toISOString()
+        },
+        versions: {
+          [manifest.version]: manifest
+        }
+      })
+    })
+  },
+  // `directory` manifests come from the actual manifest/lockfile data.
+  manifest (spec, opts) {
+    const pkgPath = path.join(spec.fetchSpec, 'package.json')
+    const srPath = path.join(spec.fetchSpec, 'npm-shrinkwrap.json')
+    return BB.join(
+      readFileAsync(pkgPath).then(readJson).catch({ code: 'ENOENT' }, err => {
+        err.code = 'ENOPACKAGEJSON'
+        throw err
+      }),
+      readFileAsync(srPath).then(readJson).catch({ code: 'ENOENT' }, () => null),
+      (pkg, sr) => {
+        pkg._shrinkwrap = sr
+        pkg._hasShrinkwrap = !!sr
+        pkg._resolved = spec.fetchSpec
+        pkg._integrity = false // Don't auto-calculate integrity
+        pkg._shasum = false // Don't auto-calculate shasum either
+        return pkg
+      }
+    ).then(pkg => {
+      if (!pkg.bin && pkg.directories && pkg.directories.bin) {
+        const dirBin = pkg.directories.bin
+        return glob(path.join(spec.fetchSpec, dirBin, '/**'), { nodir: true }).then(matches => {
+          matches.forEach(filePath => {
+            const relative = path.relative(spec.fetchSpec, filePath)
+            if (relative && relative[0] !== '.') {
+              if (!pkg.bin) { pkg.bin = {} }
+              pkg.bin[path.basename(relative)] = relative
+            }
+          })
+        }).then(() => pkg)
+      } else {
+        return pkg
+      }
+    })
+  },
+
+  // As of npm@5, the npm installer doesn't pack + install directories: it just
+  // creates symlinks. This code is here because `npm pack` still needs the
+  // ability to create a tarball from a local directory.
+  tarball (spec, opts) {
+    const stream = through()
+    this.manifest(spec, opts).then(mani => {
+      return pipe(this.fromManifest(mani, spec, opts), stream)
+    }).catch(err => stream.emit('error', err))
+    return stream
+  },
+
+  // `directory` tarballs are generated in a very similar way to git tarballs.
+  fromManifest (manifest, spec, opts) {
+    const stream = through()
+    packDir(manifest, manifest._resolved, manifest._resolved, stream, opts).catch(err => {
+      stream.emit('error', err)
+    })
+    return stream
+  }
+})

node_modules/pacote/lib/fetchers/file.js

@@ -0,0 +1,78 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const cacache = require('cacache')
+const Fetcher = require('../fetch')
+const fs = require('fs')
+const pipe = BB.promisify(require('mississippi').pipe)
+const through = require('mississippi').through
+
+const readFileAsync = BB.promisify(fs.readFile)
+const statAsync = BB.promisify(fs.stat)
+
+const MAX_BULK_SIZE = 2 * 1024 * 1024 // 2MB
+
+// `file` packages refer to local tarball files.
+const fetchFile = module.exports = Object.create(null)
+
+Fetcher.impl(fetchFile, {
+  packument (spec, opts) {
+    return BB.reject(new Error('Not implemented yet'))
+  },
+
+  manifest (spec, opts) {
+    // We can't do much here. `finalizeManifest` will take care of
+    // calling `tarball` to fill out all the necessary details.
+    return BB.resolve(null)
+  },
+
+  // All the heavy lifting for `file` packages is done here.
+  // They're never cached. We just read straight out of the file.
+  // TODO - maybe they *should* be cached?
+  tarball (spec, opts) {
+    const src = spec._resolved || spec.fetchSpec
+    const stream = through()
+    statAsync(src).then(stat => {
+      if (spec._resolved) { stream.emit('manifest', spec) }
+      if (stat.size <= MAX_BULK_SIZE) {
+        // YAY LET'S DO THING IN BULK
+        return readFileAsync(src).then(data => {
+          if (opts.cache) {
+            return cacache.put(
+              opts.cache, `pacote:tarball:file:${src}`, data, {
+                integrity: opts.integrity
+              }
+            ).then(integrity => ({ data, integrity }))
+          } else {
+            return { data }
+          }
+        }).then(info => {
+          if (info.integrity) { stream.emit('integrity', info.integrity) }
+          stream.write(info.data, () => {
+            stream.end()
+          })
+        })
+      } else {
+        let integrity
+        const cacheWriter = !opts.cache
+          ? BB.resolve(null)
+          : (pipe(
+            fs.createReadStream(src),
+            cacache.put.stream(opts.cache, `pacote:tarball:${src}`, {
+              integrity: opts.integrity
+            }).on('integrity', d => { integrity = d })
+          ))
+        return cacheWriter.then(() => {
+          if (integrity) { stream.emit('integrity', integrity) }
+          return pipe(fs.createReadStream(src), stream)
+        })
+      }
+    }).catch(err => stream.emit('error', err))
+    return stream
+  },
+
+  fromManifest (manifest, spec, opts) {
+    return this.tarball(manifest || spec, opts)
+  }
+})

node_modules/pacote/lib/fetchers/git.js

@@ -0,0 +1,178 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const cacache = require('cacache')
+const cacheKey = require('../util/cache-key')
+const Fetcher = require('../fetch')
+const git = require('../util/git')
+const mkdirp = BB.promisify(require('mkdirp'))
+const pickManifest = require('npm-pick-manifest')
+const optCheck = require('../util/opt-check')
+const osenv = require('osenv')
+const packDir = require('../util/pack-dir')
+const PassThrough = require('stream').PassThrough
+const path = require('path')
+const pipe = BB.promisify(require('mississippi').pipe)
+const rimraf = BB.promisify(require('rimraf'))
+const uniqueFilename = require('unique-filename')
+
+// `git` dependencies are fetched from git repositories and packed up.
+const fetchGit = module.exports = Object.create(null)
+
+Fetcher.impl(fetchGit, {
+  packument (spec, opts) {
+    return BB.reject(new Error('Not implemented yet.'))
+  },
+
+  manifest (spec, opts) {
+    opts = optCheck(opts)
+    if (spec.hosted && spec.hosted.getDefaultRepresentation() === 'shortcut') {
+      return hostedManifest(spec, opts)
+    } else {
+      // If it's not a shortcut, don't do fallbacks.
+      return plainManifest(spec.fetchSpec, spec, opts)
+    }
+  },
+
+  tarball (spec, opts) {
+    opts = optCheck(opts)
+    const stream = new PassThrough()
+    this.manifest(spec, opts).then(manifest => {
+      stream.emit('manifest', manifest)
+      return pipe(
+        this.fromManifest(
+          manifest, spec, opts
+        ).on('integrity', i => stream.emit('integrity', i)), stream
+      )
+    }).catch(err => stream.emit('error', err))
+    return stream
+  },
+
+  fromManifest (manifest, spec, opts) {
+    opts = optCheck(opts)
+    let streamError
+    const stream = new PassThrough().on('error', e => { streamError = e })
+    const cacheName = manifest._uniqueResolved || manifest._resolved || ''
+    const cacheStream = (
+      opts.cache &&
+      cacache.get.stream(
+        opts.cache, cacheKey('packed-dir', cacheName), opts
+      ).on('integrity', i => stream.emit('integrity', i))
+    )
+    cacheStream.pipe(stream)
+    cacheStream.on('error', err => {
+      if (err.code !== 'ENOENT') {
+        return stream.emit('error', err)
+      } else {
+        stream.emit('reset')
+        return withTmp(opts, tmp => {
+          if (streamError) { throw streamError }
+          return cloneRepo(
+            spec, manifest._repo, manifest._ref, manifest._rawRef, tmp, opts
+          ).then(HEAD => {
+            if (streamError) { throw streamError }
+            manifest._resolved = spec.saveSpec.replace(/(:?#.*)?$/, `#${HEAD}`)
+            manifest._uniqueResolved = manifest._resolved
+            return packDir(manifest, manifest._uniqueResolved, tmp, stream, opts)
+          })
+        }).catch(err => stream.emit('error', err))
+      }
+    })
+    return stream
+  }
+})
+
+function hostedManifest (spec, opts) {
+  return BB.resolve(null).then(() => {
+    if (!spec.hosted.git()) {
+      throw new Error(`No git url for ${spec}`)
+    }
+    return plainManifest(spec.hosted.git(), spec, opts)
+  }).catch(err => {
+    if (!spec.hosted.https()) {
+      throw err
+    }
+    return plainManifest(spec.hosted.https(), spec, opts)
+  }).catch(err => {
+    if (!spec.hosted.sshurl()) {
+      throw err
+    }
+    return plainManifest(spec.hosted.sshurl(), spec, opts)
+  })
+}
+
+function plainManifest (repo, spec, opts) {
+  const rawRef = spec.gitCommittish || spec.gitRange
+  return resolve(
+    repo, spec, spec.name, opts
+  ).then(ref => {
+    if (ref) {
+      const resolved = spec.saveSpec.replace(/(?:#.*)?$/, `#${ref.sha}`)
+      return {
+        _repo: repo,
+        _resolved: resolved,
+        _spec: spec,
+        _ref: ref,
+        _rawRef: spec.gitCommittish || spec.gitRange,
+        _uniqueResolved: resolved,
+        _integrity: false,
+        _shasum: false
+      }
+    } else {
+      // We're SOL and need a full clone :(
+      //
+      // If we're confident enough that `rawRef` is a commit SHA,
+      // then we can at least get `finalize-manifest` to cache its result.
+      const resolved = spec.saveSpec.replace(/(?:#.*)?$/, rawRef ? `#${rawRef}` : '')
+      return {
+        _repo: repo,
+        _rawRef: rawRef,
+        _resolved: rawRef && rawRef.match(/^[a-f0-9]{40}$/) && resolved,
+        _uniqueResolved: rawRef && rawRef.match(/^[a-f0-9]{40}$/) && resolved,
+        _integrity: false,
+        _shasum: false
+      }
+    }
+  })
+}
+
+function resolve (url, spec, name, opts) {
+  const isSemver = !!spec.gitRange
+  return git.revs(url, opts).then(remoteRefs => {
+    return isSemver
+      ? pickManifest({
+        versions: remoteRefs.versions,
+        'dist-tags': remoteRefs['dist-tags'],
+        name: name
+      }, spec.gitRange, opts)
+      : remoteRefs
+        ? BB.resolve(
+          remoteRefs.refs[spec.gitCommittish] || remoteRefs.refs[remoteRefs.shas[spec.gitCommittish]]
+        )
+        : null
+  })
+}
+
+function withTmp (opts, cb) {
+  if (opts.cache) {
+    // cacache has a special facility for working in a tmp dir
+    return cacache.tmp.withTmp(opts.cache, { tmpPrefix: 'git-clone' }, cb)
+  } else {
+    const tmpDir = path.join(osenv.tmpdir(), 'pacote-git-tmp')
+    const tmpName = uniqueFilename(tmpDir, 'git-clone')
+    const tmp = mkdirp(tmpName).then(() => tmpName).disposer(rimraf)
+    return BB.using(tmp, cb)
+  }
+}
+
+// Only certain whitelisted hosted gits support shadow cloning
+const SHALLOW_HOSTS = new Set(['github', 'gist', 'gitlab', 'bitbucket'])
+function cloneRepo (spec, repo, resolvedRef, rawRef, tmp, opts) {
+  const ref = resolvedRef ? resolvedRef.ref : rawRef
+  if (resolvedRef && spec.hosted && SHALLOW_HOSTS.has(spec.hosted.type)) {
+    return git.shallow(repo, ref, tmp, opts)
+  } else {
+    return git.clone(repo, ref, tmp, opts)
+  }
+}

node_modules/pacote/lib/fetchers/hosted.js

@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = require('./git')

node_modules/pacote/lib/fetchers/range.js

@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = require('./registry')

node_modules/pacote/lib/fetchers/registry/index.js

@@ -0,0 +1,32 @@
+'use strict'
+
+const cacache = require('cacache')
+const Fetcher = require('../../fetch')
+const regManifest = require('./manifest')
+const regPackument = require('./packument')
+const regTarball = require('./tarball')
+
+const fetchRegistry = module.exports = Object.create(null)
+
+Fetcher.impl(fetchRegistry, {
+  packument (spec, opts) {
+    return regPackument(spec, opts)
+  },
+
+  manifest (spec, opts) {
+    return regManifest(spec, opts)
+  },
+
+  tarball (spec, opts) {
+    return regTarball(spec, opts)
+  },
+
+  fromManifest (manifest, spec, opts) {
+    return regTarball.fromManifest(manifest, spec, opts)
+  },
+
+  clearMemoized () {
+    cacache.clearMemoized()
+    regPackument.clearMemoized()
+  }
+})

node_modules/pacote/lib/fetchers/registry/manifest.js

@@ -0,0 +1,81 @@
+'use strict'
+
+const fetch = require('npm-registry-fetch')
+const fetchPackument = require('./packument')
+const optCheck = require('../../util/opt-check')
+const pickManifest = require('npm-pick-manifest')
+const ssri = require('ssri')
+
+module.exports = manifest
+function manifest (spec, opts) {
+  opts = optCheck(opts)
+
+  return getManifest(spec, opts).then(manifest => {
+    return annotateManifest(spec, manifest, opts)
+  })
+}
+
+function getManifest (spec, opts) {
+  opts = opts.concat({
+    fullMetadata: opts.enjoyBy ? true : opts.fullMetadata
+  })
+  return fetchPackument(spec, opts).then(packument => {
+    try {
+      return pickManifest(packument, spec.fetchSpec, {
+        defaultTag: opts.defaultTag,
+        enjoyBy: opts.enjoyBy,
+        includeDeprecated: opts.includeDeprecated
+      })
+    } catch (err) {
+      if ((err.code === 'ETARGET' || err.code === 'E403') && packument._cached && !opts.offline) {
+        opts.log.silly(
+          'registry:manifest',
+          `no matching version for ${spec.name}@${spec.fetchSpec} in the cache. Forcing revalidation.`
+        )
+        opts = opts.concat({
+          preferOffline: false,
+          preferOnline: true
+        })
+        return fetchPackument(spec, opts.concat({
+          // Fetch full metadata in case ETARGET was due to corgi delay
+          fullMetadata: true
+        })).then(packument => {
+          return pickManifest(packument, spec.fetchSpec, {
+            defaultTag: opts.defaultTag,
+            enjoyBy: opts.enjoyBy
+          })
+        })
+      } else {
+        throw err
+      }
+    }
+  })
+}
+
+function annotateManifest (spec, manifest, opts) {
+  const shasum = manifest.dist && manifest.dist.shasum
+  manifest._integrity = manifest.dist && manifest.dist.integrity
+  manifest._shasum = shasum
+  if (!manifest._integrity && shasum) {
+    // Use legacy dist.shasum field if available.
+    manifest._integrity = ssri.fromHex(shasum, 'sha1').toString()
+  }
+  manifest._resolved = (
+    manifest.dist && manifest.dist.tarball
+  )
+  if (!manifest._resolved) {
+    const registry = fetch.pickRegistry(spec, opts)
+    const uri = registry.replace(/\/?$/, '/') + spec.escapedName
+
+    const err = new Error(
+      `Manifest for ${manifest.name}@${manifest.version} from ${uri} is missing a tarball url (pkg.dist.tarball). Guessing a default.`
+    )
+    err.code = 'ENOTARBALL'
+    err.manifest = manifest
+    if (!manifest._warnings) { manifest._warnings = [] }
+    manifest._warnings.push(err.message)
+    manifest._resolved =
+    `${registry}/${manifest.name}/-/${manifest.name}-${manifest.version}.tgz`
+  }
+  return manifest
+}

node_modules/pacote/lib/fetchers/registry/packument.js

@@ -0,0 +1,92 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const fetch = require('npm-registry-fetch')
+const LRU = require('lru-cache')
+const optCheck = require('../../util/opt-check')
+
+// Corgis are cute. 🐕🐶
+const CORGI_DOC = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*'
+const JSON_DOC = 'application/json'
+
+module.exports = packument
+function packument (spec, opts) {
+  opts = optCheck(opts)
+
+  const registry = fetch.pickRegistry(spec, opts)
+  const uri = registry.replace(/\/?$/, '/') + spec.escapedName
+
+  return fetchPackument(uri, registry, spec, opts)
+}
+
+const MEMO = new LRU({
+  length: m => m._contentLength,
+  max: 200 * 1024 * 1024, // 200MB
+  maxAge: 30 * 1000 // 30s
+})
+
+module.exports.clearMemoized = clearMemoized
+function clearMemoized () {
+  MEMO.reset()
+}
+
+function fetchPackument (uri, registry, spec, opts) {
+  const mem = pickMem(opts)
+  const accept = opts.fullMetadata ? JSON_DOC : CORGI_DOC
+  const memoKey = `${uri}~(${accept})`
+  if (mem && !opts.preferOnline && mem.has(memoKey)) {
+    return BB.resolve(mem.get(memoKey))
+  }
+
+  return fetch(uri, opts.concat({
+    headers: {
+      'pacote-req-type': 'packument',
+      'pacote-pkg-id': `registry:${spec.name}`,
+      accept
+    },
+    spec
+  }, opts, {
+    // Force integrity to null: we never check integrity hashes for manifests
+    integrity: null
+  })).then(res => res.json().then(packument => {
+    packument._cached = res.headers.has('x-local-cache')
+    packument._contentLength = +res.headers.get('content-length')
+    // NOTE - we need to call pickMem again because proxy
+    //        objects get reused!
+    const mem = pickMem(opts)
+    if (mem) {
+      mem.set(memoKey, packument)
+    }
+    return packument
+  })).catch(err => {
+    if (err.code === 'E404' && !opts.fullMetadata) {
+      return fetchPackument(uri, registry, spec, opts.concat({
+        fullMetadata: true
+      }))
+    } else {
+      throw err
+    }
+  })
+}
+
+class ObjProxy {
+  get (key) { return this.obj[key] }
+  set (key, val) { this.obj[key] = val }
+}
+
+// This object is used synchronously and immediately, so
+// we can safely reuse it instead of consing up new ones
+const PROX = new ObjProxy()
+function pickMem (opts) {
+  if (!opts || !opts.memoize) {
+    return MEMO
+  } else if (opts.memoize.get && opts.memoize.set) {
+    return opts.memoize
+  } else if (typeof opts.memoize === 'object') {
+    PROX.obj = opts.memoize
+    return PROX
+  } else {
+    return null
+  }
+}

node_modules/pacote/lib/fetchers/registry/tarball.js

@@ -0,0 +1,102 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const fetch = require('npm-registry-fetch')
+const manifest = require('./manifest')
+const optCheck = require('../../util/opt-check')
+const PassThrough = require('stream').PassThrough
+const ssri = require('ssri')
+const url = require('url')
+
+module.exports = tarball
+function tarball (spec, opts) {
+  opts = optCheck(opts)
+  const registry = fetch.pickRegistry(spec, opts)
+  const stream = new PassThrough()
+  let mani
+  if (
+    opts.resolved &&
+    // spec.type === 'version' &&
+    opts.resolved.indexOf(registry) === 0
+  ) {
+    // fakeChild is a shortcut to avoid looking up a manifest!
+    mani = BB.resolve({
+      name: spec.name,
+      version: spec.fetchSpec,
+      _integrity: opts.integrity,
+      _resolved: opts.resolved,
+      _fakeChild: true
+    })
+  } else {
+    // We can't trust opts.resolved if it's going to a separate host.
+    mani = manifest(spec, opts)
+  }
+
+  mani.then(mani => {
+    !mani._fakeChild && stream.emit('manifest', mani)
+    const fetchStream = fromManifest(mani, spec, opts).on(
+      'integrity', i => stream.emit('integrity', i)
+    )
+    fetchStream.on('error', err => stream.emit('error', err))
+    fetchStream.pipe(stream)
+    return null
+  }).catch(err => stream.emit('error', err))
+  return stream
+}
+
+module.exports.fromManifest = fromManifest
+function fromManifest (manifest, spec, opts) {
+  opts = optCheck(opts)
+  if (spec.scope) { opts = opts.concat({ scope: spec.scope }) }
+  const stream = new PassThrough()
+  const registry = fetch.pickRegistry(spec, opts)
+  const uri = getTarballUrl(spec, registry, manifest, opts)
+  fetch(uri, opts.concat({
+    headers: {
+      'pacote-req-type': 'tarball',
+      'pacote-pkg-id': `registry:${manifest.name}@${uri}`
+    },
+    integrity: manifest._integrity,
+    algorithms: [
+      manifest._integrity
+        ? ssri.parse(manifest._integrity).pickAlgorithm()
+        : 'sha1'
+    ],
+    spec
+  }, opts))
+    .then(res => {
+      const hash = res.headers.get('x-local-cache-hash')
+      if (hash) {
+        stream.emit('integrity', decodeURIComponent(hash))
+      }
+      res.body.on('error', err => stream.emit('error', err))
+      res.body.pipe(stream)
+      return null
+    })
+    .catch(err => stream.emit('error', err))
+  return stream
+}
+
+function getTarballUrl (spec, registry, mani, opts) {
+  const reg = url.parse(registry)
+  const tarball = url.parse(mani._resolved)
+  // https://github.com/npm/npm/pull/9471
+  //
+  // TL;DR: Some alternative registries host tarballs on http and packuments
+  // on https, and vice-versa. There's also a case where people who can't use
+  // SSL to access the npm registry, for example, might use
+  // `--registry=http://registry.npmjs.org/`. In this case, we need to
+  // rewrite `tarball` to match the protocol.
+  //
+  if (reg.hostname === tarball.hostname && reg.protocol !== tarball.protocol) {
+    tarball.protocol = reg.protocol
+    // Ports might be same host different protocol!
+    if (reg.port !== tarball.port) {
+      delete tarball.host
+      tarball.port = reg.port
+    }
+    delete tarball.href
+  }
+  return url.format(tarball)
+}

node_modules/pacote/lib/fetchers/remote.js

@@ -0,0 +1,34 @@
+'use strict'
+
+const BB = require('bluebird')
+
+const Fetcher = require('../fetch')
+const fetchRegistry = require('./registry')
+
+const fetchRemote = module.exports = Object.create(null)
+
+Fetcher.impl(fetchRemote, {
+  packument (spec, opts) {
+    return BB.reject(new Error('Not implemented yet'))
+  },
+
+  manifest (spec, opts) {
+    // We can't get the manifest for a remote tarball until
+    // we extract the tarball itself.
+    // `finalize-manifest` takes care of this process of extracting
+    // a manifest based on ./tarball.js
+    return BB.resolve(null)
+  },
+
+  tarball (spec, opts) {
+    const uri = spec._resolved || spec.fetchSpec
+    return fetchRegistry.fromManifest({
+      _resolved: uri,
+      _integrity: opts.integrity
+    }, spec, opts)
+  },
+
+  fromManifest (manifest, spec, opts) {
+    return this.tarball(manifest || spec, opts)
+  }
+})

node_modules/pacote/lib/fetchers/tag.js

@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = require('./registry')

node_modules/pacote/lib/fetchers/version.js

@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = require('./registry')