wip

shell/node_modules/.package-lock.json

@@ -3,6 +3,11 @@
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
+    "node_modules/http": {
+      "version": "0.0.1-security",
+      "resolved": "https://registry.npmjs.org/http/-/http-0.0.1-security.tgz",
+      "integrity": "sha512-RnDvP10Ty9FxqOtPZuxtebw1j4L/WiqNMDtuc1YMH1XQm5TgDRaR1G9u8upL6KD1bXHSp9eSXo/ED+8Q7FAr+g=="
+    },
     "node_modules/ws": {
       "version": "8.16.0",
       "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz",

shell/node_modules/http/README.md

@@ -0,0 +1,9 @@
+# Security holding package
+
+This package name is not currently in use, but was formerly occupied
+by another package. To avoid malicious use, npm is hanging on to the
+package name, but loosely, and we'll probably give it to you if you
+want it.
+
+You may adopt this package by contacting support@npmjs.com and
+requesting the name.

shell/node_modules/http/package.json

@@ -0,0 +1,6 @@
+{
+  "name": "http",
+  "version": "0.0.1-security",
+  "description": "security holding package",
+  "repository": "npm/security-holder"
+}