npm weekly, #21: npm 3 updates + react.js component tooling

Sign up for the weekly.

npm 3 beta testers

If you’re an npm@3 beta tester, be advised: the tags for downloading the latest and next versions of npm@3 have changed. They are now npm@3.x-next and npm@3.x-latest. Checkout the CHANGELOG for more info. Also, thank you to all of you for helping us squash all those bugs!

Kat also snuck a lot of things into npm@2 while Forrest was away, so checkout those in the CHANGELOG.

npm 3 beta brings good news for windows users

Rebecca talked to InfoQ about npm@3, particularly how the changes to the installation process will help Windows users.

private modules post-mortem

We’ve alerted private modules users via email, but in case you missed it there was a security issue with private modules last week. Metadata about private modules was leaked, but package contents and private user information were not. Read more in the post-mortem.

react podcast on webpack vs. browserify

If you’re working with React.js components, you’ll probably want to listen to the React Podcast on Webpack vs Browserify as tools for managing your front-end dependencies. The discussion starts around the 7-minute mark.

On the same subject, Lin explained how you can use Browserify with npm (and Babel) for front-end package management at jQuerySF last month and will be talking about Webpack at React Rally in August.

npm is now my snippet database

In his AMA, Sindre Sorhus explains how he uses npm as a way to capture his code snippets.

Why copy-paste when you can require it and with the benefit of having a clear intent. Fixing a bug in a snippet means updating one module instead of manually fixing all the instances where the snippet is used.