npm weekly #213: OSS Funding Platform, npm v6.11.3 released, open RFC meetings & more
Funding platform for OSS maintainers
On Friday, npm, Inc. announced development of a funding platform that will make it easy for users of open source packages to compensate package maintainers through the registry. Learn more here, and keep an eye out for more details coming soon!
npm v6.11.3 is here
Earlier this week, we released npm@6.11.3. This update contains bug fixes for npm ci and npm outdated --depth.
To get it, run:
npm install -g npm@latest
Dependency management from a security point-of-view
Adam Baldwin, npm’s VP of Security, describes the do’s and don’ts of dependency management in a new blog post.
Open RFC meetings kickoff
On Wednesday, the npm CLI team kicked off the first of a series of planned bi-weekly meetings (“fortnightly,” if you prefer) to discuss issues and open pull requests in the npm rfcs repository. These meetings are open to all who wish to attend. Follow us on Twitter for updates.
Curious about what it would be like to work on a product with 11 million+ users and over 40 billion downloads every month? We are currently looking for engineers, security pros, design folks and more.
See our open positions at: npmjs.com/jobs.
Share your project!
We love to feature projects created by customers and members of the npm community. If your team is using npm to build something cool, let us know!
Registry terms of service updated
The npm public registry terms of service have been updated to clarify acceptable commercial content in the registry.
Need private packages and team management tools?
The same tools that empower developers to work together on Open Source projects can make teams more efficient when collaborating on mission-critical applications.