|Npm 7 CLI Now Generally Available|
|Thursday, 04 February 2021|
npm 7 has been shipping with node.js 15 since October, but until now was the opt-in alternative. It has now been adopted as the latest version in the npm registry and will be the default version installed when you run npm install --global npm.
The new version includes tools that manage your packages for you, starting with support for Workspaces, which add support for managing multiple packages from within a singular top-level, root package.
The new version uses a different lockfile format, which is backwards compatible with npm 6 users. The developers say
"lockfile v2 unlocks the ability to do deterministic and reproducible builds to produce a package tree."
Until now, yarn.lock files were ignored, but the change means the npm CLI can now use yarn.lock as the source of package metadata and resolution guidance. If a yarn.lock file is present, then npm will also keep it up-to-date with the contents of the package tree.
The new version also improves support for peer dependencies. In earlier versions you had to manage and install your own peer dependencies. The new peer dependency algorithm ensures that a validly matching peer dependency is found at or above the peer-dependent’s location in the node_modules tree.
Another improvement is in the handling of conflicts. In the earlier version, if there were conflicts in the peer dependencies, you got a warning that the versions weren't compatible, but npm would still install dependencies without an error. npm 7 will block installations if an upstream dependency conflict is present that cannot be automatically resolved, though you can still force a retry to either bypass the conflict or ignore peer dependencies entirely.
The developers say that since many packages in the ecosystem have come to rely on loose peer dependencies resolutions, npm 7 will print a warning and work around most peer conflicts that exist deep within the package tree, since you can’t fix those anyway.
or email your comment to: email@example.com