npm Weekly, #5

Here’s your weekly serving of the choicest npm updates. Would you like to have them delivered to you directly?

What’s new in the CLI

You might notice a few new warnings when you update to npm@2.6.0.

We’re removing the engineStrict key from package.json in npm@3, so you’ll start seeeing warnings about this change in npm@2.6.0. You’ll still be able to set the engine for your environment in your .npmrc, but allowing packages to set engine requirements never quite worked out right for users, so that’s what we’re taking out.

We will also be changing the behavior of peerDependencies in npm@3. We won’t be automatically downloading the peer dependency anymore. Instead, we’ll warn you if the peer dependency isn’t already installed. This requires you to resolve peerDependency conflicts yourself, manually, but in the long run this should make it less likely that you’ll end up in a tricky spot with your packages’ dependencies.

What’s coming in npm@3

With npm@3, your node_modules directory will be a lot flatter. All of your dependencies and most of your subdependencies (and (sub)+dependencies) will be sitting next to each other at the top level. Only when there are conflicts will modules be installed at deeper levels. This should make things a lot easier for Windows users.

How to npm

npm has a new interactive workshop, how-to-npm. Learn how to publish packages to npm, update them, and do other maintanence-y tasks. And don’t worry, it won’t publish anything to the public registry, only to a mock registry on your own machine.

Node Foundation

This week, Joyent announced that they are creating a foundation for Node.js. This is a huge step towards supporting the JavaScript community, drawing investment from more companies towards a community-driven effort. It’s still early in the process, but we’re really excited to see what impact this will have on the Node.js project and the broader JavaScript community.