It's been a very long and crazy ride but I'm happy to share that the project I've been working so hard since I joined the npm team more than an year ago is finally out! npm7 is the new major version of the npm cli ๐
TLDR; npm install -g npm@7
What's new?
First let's highlight the major additions:
- workspaces! finally the top-requested feature from our userbase makes its way into a stable release line ๐
- auto-installing peer-dependencies again ๐ฆ
Improving DX
There are some smaller changes/additions/tweaks that will hopefully continue to help improving the user experience, such as:
- new
npm exec
command - same asnpx
that now lives in the cli ๐ - a new package-lock format and support to install from
yarn.lock
files ๐ - improved
npm audit
output! ๐ - new update notification system for the npm cli
- ability to install a git/GH pkg from a PR:
npm i user/project#pull/123
- less verbose install output
- skip pre/post scripts when using
--ignore-scripts
- new system to cache
node_modules
data that makesnpm ls
much faster -
npm ls
now defaults to top-level deps only, to see the entire tree you can now runnpm ls --all
- slightly improved
npm fund
output, highlighting funding urls and properly nesting deps - And much, much more!
Clean up work
In reality npm7 is the long due refactor/clean up of the npm cli and it spawns a couple of very important internal packages to our ecosystem which are now the standard Programmatic APIs for npm:
-
@npmcli/arborist the new
npm install
system - @npmcli/config the new npm config
-
@npmcli/run-script the new
npm run
- @npmcli/map-workspaces read workspaces configs
-
libnpmfund
npm fund
Programmatic API
I'm really excited to see what this will enable in the community, for the first time it's going to be a trivial thing to require('@npmcli/arborist')
and have the same npm install
experience from within userland scripts without the need of spawning any subprocesses ๐คฉ
It's also worth mentioning that a lot of the work that went into this version is making sure every line of code and functionality is well-tested and stable so that we can better iterate on new features and bug fixes moving forward ๐
More?
There are also new options/flags that goes along with some of the new features such as --legacy-peer-deps
and --strict-peer-deps
that help tweak the behavior of installing peer deps, npm ls --all
to see all installed deps since the default is now show top-level only, etc
The team will be working hard on adding more tests and fixing any bugs that managed to slip through our beta test period ๐ Feel free to reach out to us in our GitHub issue tracker that now have the best up-to-date links on how to report bugs, propose new features or get help.
You can also read more about the release in the official channels:
โฌ๏ธ Get it now
The npm7 is going to be a part of the upcoming node15 release but if you want to get it first, you can install it now with:
npm install -g npm@7
Top comments (12)
I was curious, What does the NPM team(s) think of PNPM and if there are plans to build something similar?
Personally, I think very highly of pnpm and Yarn (and their respective maintainers) as I think they brought up (and still do) a lot of innovation to JS package managers - that said, we are often going to be looking at what they are bringing to the table as a source of inspiration rather than reproducing their solution to a specific problem.
I believe when you say "if there are plans to build something similar?" you are referring to their "non-flat node_modules" structure ๐ค but regardless the answer is the same: npm has its own way of doing things and solving the dependency management problem and while we'll be inspired by the work of other package managers we won't necessarily change our system to simply replicate a different one.
Now if any major changes (such as implementing a
symlink-based non-flat node_modules folder
) were to be implemented, the place to keep an eye is the npm RFCs repo where we have discussions with the community on how to change the cli for the better ๐Sorry this turned into a long answer but it was a good question that I felt like needed a more elaborate response ๐ Thanks and all the best!
I was more referring to how pnpm uses symlinks to reduce disk and network usage (and install times!). Could be a very big benefit in developing countries where everyone isn't on a Mac.
Great answer though! I prefer the long answers, shows you're really excited
Keep up the great work!
I am curious about backward compatibility. Does an old project break if I will try to use the new npm or not? :D (probably not, but the golder rule: do not upgrade anything until you are not released and hotfixed the product)
One of the goals is to try and minimize the breaking changes ๐ but since this is a major version bump there are a few to be expected - in all cases if you want to err on the side of safety then the best thing to do is to wait until v7 lands on npm
latest
tag as mentioned in the GitHub blog post (that is going to be our equivalent of a LTS release) ๐Congrats on the release @ruyadorno and team! ๐ฅ
Amazing news!!!!!! โค๏ธ๐๐๐
merry npm!
Congrats!!
astonishing news =]
Congrats!
Cool!