npm Weekly, #6

We’re switching up our schedule and moving the weekly to Tuesdays, which is why you’re seeing this here right now. You can still have the weekly delivered to you directly, too.

What’s new in the CLI

npm@latest is now version 2.6.0. The new command is npm logout, which is one step along the road towards better authentication handling using auth tokens instead of usernames and passwords.

When logged into a registry that supports token-based authentication, this command tells the server to end this token’s session. This will invalidate the token everywhere you’re using it, not just for the current environment.

What’s coming in npm@3

In the last weekly, we talked about the how npm@3 would have a flatter node_modules directory. This week, we wanted to show you how this works with npm’s other tools. Let’s say that you install event-emitter. If you run ls node_modules, you’ll see all of the dependencies laid out next to each other. But when you run npm ls, you’ll see the dependency tree, with dependencies nested. This is because npm’s tools are aware of the actual relationships between dependencies.

Billion downloads (per month) day

We crossed a big threshold here at npm. For the first time, our “downloads in the last month” ticker passed 1,000,000,000. We had our first 30-day window where more than 1 billion packages were downloaded. That’s a lot of packages.

Welcome, jQuery developers!

If you missed it, the jQuery plugin registry now only provides read access to plugins and recommends plugin publishers switch to npm to publish their plugins. We’re putting some documentation in place to make this transition as easy as possible, starting with Publishing your jQuery plugin to npm, the quick and dirty way.

Translations

Japanese: https://medium.com/@watilde/npm-weekly-6-9c474a93ed45