Unlock the Power of npm v7: A Game-Changer for JavaScript Developers
October 13th, 2020, marked a significant milestone for the npm CLI team as they officially released [email protected] This new version introduces highly requested features from the npm CLI userbase, revolutionizing the way developers work with JavaScript packages.
What’s New in npm v7?
To get started with npm v7.0.0, simply run npm i -g npm@7
in your terminal. This release is still relatively new, so it won’t break existing workflows that use npm, especially in production. However, if you want to opt-in, you can install Node.js 15, which was released recently.
Workspaces: A Long-Awaited Feature
The community has been requesting workspaces for a long time, and now they’re finally here. Workspaces allow you to manage multiple packages within a single top-level, root package. This feature is similar to what Yarn and Pnpm offer, and it’s designed to benefit the larger community.
To access the full feature set, you’ll need to make two major changes to your npm CLI setup:
- Make the npm CLI workspace-aware: This allows you to install all nested packages and perform associated lifecycle scripts from the top-level workspace.
- Symlink dependencies: This feature ensures that workspaces with dependencies on each other are symlinked correctly.
Auto-Installing Peer Dependencies: A Major Improvement
In previous versions of npm, peer dependencies were not installed by default. Instead, individual consumers had to install and manage them manually, often leading to confusion and misinterpreted warnings. With npm v7.0.0, peer dependencies are now installed automatically, making it easier for developers to manage their dependencies.
Package-Lock v2 and Yarn.Lock Support
The new package-lock format enables deterministically reproducible builds and includes everything npm needs to fully build the package tree. Additionally, the CLI can now use yarn.lock as a source of package metadata and resolution guidance.
Breaking Changes in npm 7.0.0
While npm v7 introduces many exciting features, there are some breaking changes that developers should be aware of:
- Auto-installing peer dependencies: This may break certain workflows.
- Package.exports field: npm now uses this field, making it impossible to require() npm’s internal modules.
- npx rewritten: npx has been completely rebuilt to use the npm exec command.
- npm audit output: The output has changed, no longer using tables to display vulnerabilities.
- npm ls: This command now only shows top-level packages by default.
Get Started with npm v7 Today!
To start using npm v7, simply run npm i -g npm@7
in your terminal. You can confirm the version using either npm -v
or npm --version
. If you want to switch back to a previous version, you can do so by adding the version number behind “@” (e.g., npm install -g npm@<version-number>
).
Example: Installing Peer Dependencies Automatically
Let’s see how npm v7 helps us install peer dependencies automatically. First, confirm that you have no dependencies by running npm ls react
in the CLI. Then, install a dependency with peer dependencies to React and see how it gets installed.
Example: The New npx
npx has been rebuilt, and it’s no longer a separate package. When you try to install something, it prompts you to confirm that you really want to proceed with the installation. You can use the -y
flag to bypass this prompt.
A New Era for npm
This is the first version of npm CLI released since npm was acquired by GitHub in April 2020. You can find the official release information on the GitHub blog. In this article, we’ve explored the new features of npm v7 and how to get started with the newest version of npm. We encourage everyone interested in these new features to give npm v7 a try.