The v5.0 of NPM is released


The npm team has released the 5.0.0 version of npm, here is their announcement:

This release marks months of hard work for the young, scrappy, and hungry CLI team, and includes some changes we’ve been hoping to do for literally years. npm@5 takes npm a pretty big step forward, significantly improving its performance in almost all common situations, fixing a bunch of old errors due to the architecture, and just generally making it more robust and fault-tolerant. It comes with changes to make life easier for people doing monorepos, for users who want consistency/security guarantees and brings semver support to git dependencies.

Breaking Changes

The most significant changes:

My personal wish has been granted from npm:

  • npm will --save by default now. Additionally, package-lock.json will be automatically created unless an npm-shrinkwrap.json exists.

  • Existing npm caches will no longer be used: you will have to redownload any cached packages. There is no tool or intention to reuse old caches.
  • npm install ./packages/subdir will now create a symlink instead of a regular installation. file://path/to/tarball.tgz will not change -- only directories are symlinked.
  • npm will now scold you if you capitalize its name. seriously it will fight you.

  • Git dependencies support semver through user/repo#semver:^1.2.3

  • Git dependencies with prepare scripts will have their devDependencies installed, and npm install run in their directory before being packed.

  • npm cache commands have been rewritten and don't really work anything like they did before.

  • --cache-min and --cache-max have been deprecated.

  • Running npm while offline will no longer insist on retrying network requests. npm will now immediately fall back to the cache if possible, or fail.

  • package locks no longer exclude optionalDependencies that failed to build. This means package-lock.json and npm-shrinkwrap.json should now be cross-platform.

  • If you generated your package lock against registry A, and you switch to registry B, npm will now try to install the packages from registry B, instead of A.

Feature Summary

In the Feature Summary section of the change log you will find Installer changes, Publishing, and rewriting the cache.

Read the entire change log on GitHub for details.