A decade of npm!
npm turns 10! To celebrate, we’ve put together a timeline of the milestones we’ve reached along the way. Thank you to all who have helped get us here.
npm v6.12 pre-release
npm v6.12.0-next.0 launched earlier last week. This update contains bug fixes, plus
npm ci now runs prepare scripts for git dependencies, and respects the
--no-optional argument. Read the release notes here.
Stay tuned for the full release next week!
Welcome, Ron Perris!
We’re stoked to welcome a new wombat, Ron Perris, to npm’s security team. Ron has 15 years of software security experience, and contributes to open-source software security in the Node.js Security Working Group, where he triages ecosystem-related vulnerability reports. Ron is also a founder of the Loco Moco Product Security conference and Appsec California, yearly gatherings for folks of all skill levels who want to discuss software security topics.
Ron has joined the npm security team to help build tools and operate services that support the secure use of packages. Welcome Ron!
Open RFC initiative
In our ongoing efforts to better collaborate with the community, we’re piloting an Open RFC program to help move conversations and initiatives forward. The focus is on existing issues, but can also touch on community/ecosystem-wide subjects.
Check out the meeting notes from this week’s call, and make sure to mark your calendar to join us for the next one: Wednesday, October 16 from 10–11am PT/1–2pm ET. A new meeting thread providing details and an initial agenda will be created here about a week before the call.
We will be looking to both livestream and record the next call to help accommodate a wider audience. We’re looking forward to making this call better over time and appreciate any feedback!
Recommended project: Pencil.js
Have you ever felt frustrated by the syntax of existing drawing libraries? Check out Pencil.js, a modular, interactive 2D drawing library created by Guillaume Martigny that aims to abstract drawing with code using a clear OOP syntax.
Its modular architecture allows you to grab or replace every block. Plus, its thorough documentation will ensure you never feel lost. Access the guide and examples here!
- Join npm’s Daniel Sauble on Tuesday, October 8 at 10am PT, to discuss the ups and downs of working with a polyglot artifact manager and how npm can help.
- Open RFC meeting: October 16 (see details above)
- FinJS New York: October 22. Don’t miss npm CTO Ahmad Nassri’s presentation, “Modern Patterns in Modular Software Architectures.”
- NodeDay: October 25 in NYC. Ahmad will be presenting here as well — stop by and say hello!
Build amazing things, together ♥️
The same tools that empower developers to work together on Open Source projects can make teams more efficient when collaborating on mission-critical applications.
Does your team need private packages and team management tools? Learn how npm Orgs can help your team!