npmrc handling polishing

[guybedford]

We need to integrate more thorough parsing of the npmrc handling.

For example:

• We should respect ignoring the npmrc when it has permission 0600.
• We should handle array properties
• The registry-specific property handling at https://github.com/jspm/npm/blob/master/lib/npmrc.js#L30 to remove a leading "https://" is just plain wrong for "//registry.com/..." style registry names - properties need better normalization.
• All of this work should be done with a careful test suite and test cases against the variations.
• We should be reading alwaysAuth and respecting that.

Only then can we be sure we can exactly trust the npmrc values to use them automatically for authenticating.

[alienriver49]

@guybedford This is probably a shot in the dark as I know JSPM is sunset (and I'm guessing possibly this library too?), but could we have environment variable support added to this list? It's the same as this issue which was originally opened under the JSPM CLI repository.

I would be willing to submit a PR if this was something that would be released, but if this repository is considered archived like the JSPM CLI one, then we will likely have to patch this and release a version in our private registry. Thanks!

[guybedford]

@alienriver49 yes this repo is no longer maintained, but if you do have a specific PR that you would like to see I can certainly publish a patch for you.

[alienriver49]

@guybedford Finally got around to implementing this. PR here.