Npm 7 CLI Now Generally Available
Thursday, 04 February 2021

Version 7 of npm CLI is now generally available and is now the official default version of the JavaScript package manager. The command line toolkit adds support for workspaces.

npm is a package manager for JavaScript, and is the default package manager Node.js, the asynchronous event driven JavaScript runtime built on Chrome's V8 JavaScript engine. 


npm 7 has been shipping with node.js 15 since October, but until now was the opt-in alternative. It has now been adopted as the latest version in the npm registry and will be the default version installed when you run npm install --global npm.

The new version includes tools that manage your packages for you, starting with support for Workspaces, which add support for managing multiple packages from within a singular top-level, root package.

The new version uses a different lockfile format, which is backwards compatible with npm 6 users. The developers say

"lockfile v2 unlocks the ability to do deterministic and reproducible builds to produce a package tree."

Until now, yarn.lock files were ignored, but the change means the npm CLI can now use yarn.lock as the source of package metadata and resolution guidance. If a yarn.lock file is present, then npm will also keep it up-to-date with the contents of the package tree.

The new version also improves support for peer dependencies. In earlier versions you had to manage and install your own peer dependencies. The new peer dependency algorithm ensures that a validly matching peer dependency is found at or above the peer-dependent’s location in the node_modules tree.

Another improvement is in the handling of conflicts. In the earlier version, if there were conflicts in the peer dependencies, you got a warning that the versions weren't compatible, but npm would still install dependencies without an error. npm 7 will block installations if an upstream dependency conflict is present that cannot be automatically resolved, though you can still force a retry to either bypass the conflict or ignore peer dependencies entirely. 

The developers say that since many packages in the ecosystem have come to rely on loose peer dependencies resolutions, npm 7 will print a warning and work around most peer conflicts that exist deep within the package tree, since you can’t fix those anyway.


More Information

npm On Github

Related Articles

npm 7 Will Ship With Node.js 15

Node.js Bridge For COBOL

Rewritten Search For NPM 4.0

Yarn The New JavaScript Package Manager

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, Facebook or Linkedin.


Kaggle Survey Of Data Scientists

Kaggle's survey of data scientists reveals that the vast majority of data scientists are under 35 years of age, two-thirds have a graduate degree, and most have less than 10 years coding experience. I [ ... ]

ScaleOut Improves Dev Support For Streaming Analytics

ScaleOut Software has improved the support for developing streaming analytics applications to run on its ScaleOut Digital Twin Streaming Service.

More News





or email your comment to: