DEV Community

Cover image for Announcing npm7
Ruy Adorno
Ruy Adorno

Posted on

Announcing npm7

It's been a very long and crazy ride but I'm happy to share that the project I've been working so hard since I joined the npm team more than an year ago is finally out! npm7 is the new major version of the npm cli ๐Ÿ˜

TLDR; npm install -g npm@7

What's new?

First let's highlight the major additions:

  • workspaces! finally the top-requested feature from our userbase makes its way into a stable release line ๐ŸŽ‰
  • auto-installing peer-dependencies again ๐Ÿ“ฆ

Improving DX

There are some smaller changes/additions/tweaks that will hopefully continue to help improving the user experience, such as:

  • new npm exec command - same as npx that now lives in the cli ๐Ÿ˜
  • a new package-lock format and support to install from yarn.lock files ๐Ÿš€
  • improved npm audit output! ๐Ÿ˜Ž
  • new update notification system for the npm cli
  • ability to install a git/GH pkg from a PR: npm i user/project#pull/123
  • less verbose install output
  • skip pre/post scripts when using --ignore-scripts
  • new system to cache node_modules data that makes npm ls much faster
  • npm ls now defaults to top-level deps only, to see the entire tree you can now run npm ls --all
  • slightly improved npm fund output, highlighting funding urls and properly nesting deps
  • And much, much more!

I did a fanart illustration to celebrate this moment

Clean up work

In reality npm7 is the long due refactor/clean up of the npm cli and it spawns a couple of very important internal packages to our ecosystem which are now the standard Programmatic APIs for npm:

I'm really excited to see what this will enable in the community, for the first time it's going to be a trivial thing to require('@npmcli/arborist') and have the same npm install experience from within userland scripts without the need of spawning any subprocesses ๐Ÿคฉ

It's also worth mentioning that a lot of the work that went into this version is making sure every line of code and functionality is well-tested and stable so that we can better iterate on new features and bug fixes moving forward ๐Ÿ˜Š

More?

There are also new options/flags that goes along with some of the new features such as --legacy-peer-deps and --strict-peer-deps that help tweak the behavior of installing peer deps, npm ls --all to see all installed deps since the default is now show top-level only, etc

The team will be working hard on adding more tests and fixing any bugs that managed to slip through our beta test period ๐Ÿ˜„ Feel free to reach out to us in our GitHub issue tracker that now have the best up-to-date links on how to report bugs, propose new features or get help.

You can also read more about the release in the official channels:


โฌ‡๏ธ Get it now

The npm7 is going to be a part of the upcoming node15 release but if you want to get it first, you can install it now with:

npm install -g npm@7
Enter fullscreen mode Exit fullscreen mode

Happy dependency-installing everyone!

Alt Text

Top comments (12)

Collapse
 
faraazahmad profile image
Syed Faraaz Ahmad

I was curious, What does the NPM team(s) think of PNPM and if there are plans to build something similar?

Collapse
 
ruyadorno profile image
Ruy Adorno

Personally, I think very highly of pnpm and Yarn (and their respective maintainers) as I think they brought up (and still do) a lot of innovation to JS package managers - that said, we are often going to be looking at what they are bringing to the table as a source of inspiration rather than reproducing their solution to a specific problem.

I believe when you say "if there are plans to build something similar?" you are referring to their "non-flat node_modules" structure ๐Ÿค” but regardless the answer is the same: npm has its own way of doing things and solving the dependency management problem and while we'll be inspired by the work of other package managers we won't necessarily change our system to simply replicate a different one.

Now if any major changes (such as implementing a symlink-based non-flat node_modules folder) were to be implemented, the place to keep an eye is the npm RFCs repo where we have discussions with the community on how to change the cli for the better ๐Ÿ˜Š

Sorry this turned into a long answer but it was a good question that I felt like needed a more elaborate response ๐Ÿ˜„ Thanks and all the best!

Collapse
 
faraazahmad profile image
Syed Faraaz Ahmad

I was more referring to how pnpm uses symlinks to reduce disk and network usage (and install times!). Could be a very big benefit in developing countries where everyone isn't on a Mac.

Great answer though! I prefer the long answers, shows you're really excited

Keep up the great work!

Collapse
 
huncyrus profile image
huncyrus

I am curious about backward compatibility. Does an old project break if I will try to use the new npm or not? :D (probably not, but the golder rule: do not upgrade anything until you are not released and hotfixed the product)

Collapse
 
ruyadorno profile image
Ruy Adorno

One of the goals is to try and minimize the breaking changes ๐Ÿ˜„ but since this is a major version bump there are a few to be expected - in all cases if you want to err on the side of safety then the best thing to do is to wait until v7 lands on npm latest tag as mentioned in the GitHub blog post (that is going to be our equivalent of a LTS release) ๐Ÿ˜Š

Collapse
 
nickytonline profile image
Nick Taylor

Congrats on the release @ruyadorno and team! ๐Ÿ”ฅ

Gym teacher from Glee saying amazing!

Collapse
 
goxr3plus profile image
GOXR3PLUS STUDIO

Amazing news!!!!!! โค๏ธ๐Ÿ‘๐Ÿ‘๐Ÿ‘

Collapse
 
eltociear profile image
Ikko Eltociear Ashimine

merry npm!

Collapse
 
ben profile image
Ben Halpern

Congrats!!

Collapse
 
shaytamir profile image
shaytamir • Edited

astonishing news =]

Collapse
 
zdev1official profile image
ZDev1Official

Congrats!

Collapse
 
shadowtime2000 profile image
shadowtime2000

Cool!