npm weekly #217: A decade of npm, CLI news, welcome Ron & more

npm, Inc.
npm, Inc.
Oct 3 · 3 min read

A decade of npm!

npm turns 10! To celebrate, we’ve put together a timeline of the milestones we’ve reached along the way. Thank you to all who have helped get us here.

npm v6.12 pre-release

npm v6.12.0-next.0 launched earlier last week. This update contains bug fixes, plus npm ci now runs prepare scripts for git dependencies, and respects the --no-optional argument. Read the release notes here.

Stay tuned for the full release next week!

Welcome, Ron Perris!

We’re stoked to welcome a new wombat, Ron Perris, to npm’s security team. Ron has 15 years of software security experience, and contributes to open-source software security in the Node.js Security Working Group, where he triages ecosystem-related vulnerability reports. Ron is also a founder of the Loco Moco Product Security conference and Appsec California, yearly gatherings for folks of all skill levels who want to discuss software security topics.

Ron has joined the npm security team to help build tools and operate services that support the secure use of packages. Welcome Ron!

Open RFC initiative

In our ongoing efforts to better collaborate with the community, we’re piloting an Open RFC program to help move conversations and initiatives forward. The focus is on existing issues, but can also touch on community/ecosystem-wide subjects.

Check out the meeting notes from this week’s call, and make sure to mark your calendar to join us for the next one: Wednesday, October 16 from 10–11am PT/1–2pm ET. A new meeting thread providing details and an initial agenda will be created here about a week before the call.

We will be looking to both livestream and record the next call to help accommodate a wider audience. We’re looking forward to making this call better over time and appreciate any feedback!

Recommended project: Pencil.js

Have you ever felt frustrated by the syntax of existing drawing libraries? Check out Pencil.js, a modular, interactive 2D drawing library created by Guillaume Martigny that aims to abstract drawing with code using a clear OOP syntax.

Its modular architecture allows you to grab or replace every block. Plus, its thorough documentation will ensure you never feel lost. Access the guide and examples here!

npm Events

Build amazing things, together ♥️

The same tools that empower developers to work together on Open Source projects can make teams more efficient when collaborating on mission-critical applications.

Does your team need private packages and team management tools? Learn how npm Orgs can help your team!

npm, Inc.

npm is the package manager for JavaScript and the world‘s largest software registry. Here are some of our thoughts.

npm, Inc.

Written by

npm, Inc.

npm is the package manager for JavaScript and the world’s largest software registry.

npm, Inc.

npm, Inc.

npm is the package manager for JavaScript and the world‘s largest software registry. Here are some of our thoughts.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade