npm v7 Highlights

V7 Highlights 27 Oct 2020 • GitHub Presente Meetup @ruyadorno

Ruy Adorno Software Dev npm cli @GitHub

• Make sure to get it • Out with Node.js
15 • Bugs / Feedback? Reach out:  github.com/npm/cli

• This presentation takes you through a quick and simple
demo of a project using npm7 • Let’s go

• npm exec is a new command that brings npx
to the core cli

• npm exec is a new command that brings npx
to the core cli • In this example we are going to run an Yeoman Generator by installing both the yo runner and generator-node packages and running as a single command

• npm ls now will only show top-level packages by
default • In order to get the same output as npm6 you can now use the “all” option: npm ls --all

• npm audit got a much more clean and straightforward
output, it no longer uses tables to display vulnerabilities and vuln count is no longer multiplying every single node in the tree

• Let’s install a version of mkdirp that has a
known CVE open in the npm security db

• npm install output still let us know about the
vulnerabilities at the end of an install

• npm audit ﬁx --force will solve the vulnerability by
updating to semver-major versions which might in turn contain potential breaking changes

• peerDependencies are now installed by default! Let’s run through
a quick example by installing a dep that has a peer dep to react and see how it gets installed at the end

• workspaces time!

• workspaces time! • In this example we’re going to
create a sub package (or a workspace) that we’re later on going to deﬁne as a workspace in our package.json, get it properly linked on our npm install and then require it from our app

• ☝ Workspace created, let’s now add it to the
workspaces property of the top-level package.json ﬁle

• All set up! Let’s check everything

• One of the very nice things about the UX
around workspaces is the possibility to require that workspace with the same syntax you would use to require a package downloaded from the registry ⬇

• This initial workspaces support will help unlock many workﬂows
to npm users and there’s much more coming to v7.x with new commands to help working with workspaces. ❤

@ruyadorno   and remember to: npm install -g npm@7 Thanks!

npm v7 Highlights

npm v7 Highlights

Ruy Adorno

More Decks by Ruy Adorno

Other Decks in Programming

Featured

Transcript

V7 Highlights 27 Oct 2020 • GitHub Presente Meetup @ruyadorno

Ruy Adorno Software Dev npm cli @GitHub

• Make sure to get it • Out with Node.js

• This presentation takes you through a quick and simple

• npm exec is a new command that brings npx

• npm exec is a new command that brings npx

• npm ls now will only show top-level packages by

•

• npm audit got a much more clean and straightforward

• Let’s install a version of mkdirp that has a

• npm install output still let us know about the

• npm audit ﬁx --force will solve the vulnerability by

• peerDependencies are now installed by default! Let’s run through

• workspaces time!

• workspaces time! • In this example we’re going to

• ☝ Workspace created, let’s now add it to the

• All set up! Let’s check everything

• One of the very nice things about the UX

• This initial workspaces support will help unlock many workﬂows

@ruyadorno   and remember to: npm install -g npm@7 Thanks!