The original

As expected, NPM CLI 7 is now available

Aside from some new features and incompatible changes. We had some significant performance impacts on NPM 7 compared to NPM 6, including:

  • Number of dependencies decreased by 54% (NPM 7 67, NPM 6 123)
  • Code test coverage increased by 54%(NPM 7 94% vs NPM 6 77%)
  • Benchmarks show a significant performance improvement in the various examples

Note that NPM 7 has now been released to the latest version of the NPM repository and will be installed by default when NPM install –global is executed. To install NPM 6, run NPM install –global np@6

Incompatible change

Despite major changes to the NPM internals, we are still working hard to ensure minimal disruption to most workflows. That said, some disruptive changes must be made to improve the developer experience. Incompatible changes can be viewed in the blog.

Will modifylockfile

One notable change is the new lockfile format, which is backward compatible with NPM 6 users

In previous versions, yarn.lock files were ignored, and NPM CLI can now use yarn.lock as a source for package metadata and dependencies. If yarn.lock exists, NPM also keeps it up to date with the contents of the package.

Using NPM 7 and executing NPM install in a project with a V1 lockfile replaces the contents of the Lock File with v2 format. If you want to avoid this behavior, you can do so by executing NPM install –no-save

peer dependencies

A new feature introduced in NPM 7 is the automatic installation of Peer Dependencies. In previous versions of NPM (4-6), the Peer Dependencies conflict was warned against version-incompatibility, but the dependencies were still installed without an error. In NPM 7, installation is blocked if there are dependency conflicts that cannot be resolved automatically.

You can bypass the conflict by reinstalling the –force option, or by selecting the dependencies of the –legacy-peer-deps option peer Dependencies (similar to NPM version 4-6).

Since many packages rely on loose peer Dependencies resolution, NPM 7 prints warnings and resolves most peer conflicts that exist in the package dependency tree, so they cannot be handled manually. To enforce strictly correct peer Dependencies dependencies at all levels, use the –strict-peer-deps option.

Thank you

Finally, we would like to thank the community members who submitted changes, participated in RFC discussions, provided feedback, and acted as early adopters. We remain committed to continuing to improve the NPM CLI, so if you have any feedback in the future, please use the NPM/Feedback warehouse to discuss it.