As node is deprecating old Buffer usages, and unfortunately I'm using it in one of my packages. I'd love to rollout a new version to fix this before too late.
I rolled out a version that drops node < 4 support with patch version number increment, and someone complaints the breakage a few hours later.
As npm install --save always includes full semver in package.json. Which makes it impossible for deployment machines that runs a different version of node to resolve the package to an earlier version.
If I increase minor version or major version, the users will face the same issue after using npm install --save.
I know that the user should use the same version for dev and production, and npm will do the right thing for them. But this is not a perfect world. Is there a way to make this rollout transparent to end users by using some npm features?
Related
I have a project that uses node.js 14.16.0. Both me and my teammember use that version.
I use npm 6.14.11 and my teammember uses npm 7.x.x.
This results in the package-lock.json being different; the lockFileVersion property is 1 on my PC but 2 on theirs.
I already use nvm and am considering to add a .nvmrc so everyone always uses the same node version, but this doesn't fix the npm version issue.
I believe that it is a good idea to use the npm version that the installed node.js version provides. If the next big LTS release uses a new npm version, the project will switch to that. But on NPM's site they say:
npm is a separate project from Node.js, and tends to update more frequently. As a result, even if you’ve just downloaded Node.js (and therefore npm), you’ll probably need to update your npm. Luckily, npm knows how to update itself!
Which makes me believe I should always update.
But they also say:
Node.js has lots of versions! To use Node.js, and therefore npm, effectively, you’ll want to make sure that you are on a version that is supported by the Node.js team. In general, you should use the version of Node.js labelled “LTS”.
Which makes me believe I shouldn't update and just use the one node.js provides.
What is the best practice?
npm has a concept of LTS. They used to tag a release lts so you could npm install -g npm#lts and get the latest lts version, but alas, no more.
npm will continue to support any major version of npm as long as it shipped with a version of node that is still supported. So they will support npm#6 until 14 goes EOL because npm#6 shipped with version 14.
That said, npm#7 is the current version of npm and it too will be supported on 14 as well for as long as 14 is supported.
If you don't want to force your coworker to update, npm#6 will continue to receive updates as long as Node.js 14 is supported. I would recommend updating to the latest npm#6 with npm install -g npm#6 though. Either version (npm#6 or npm#7) should work just fine. You just need to pick one with your coworker to avoid the package-lock.json churn (or not care about the lockfile churn).
tl;dr
Is there is a reason that I shouldn't do the following; Install and manage packages with a version of npm that is different (much newer) from the npm version that comes with the node version I am going to be using to run my app.
longer
Some context why I am asking. I have to work with a service that supports only node 0.10.32 (I know, don't ask) and an app that was written some time ago. We need to add some functionality and unfortunately when I try to run the codebase locally it does not because some dependency of some dependency updated the minor version and they introduced const or fat arrow notation (=>). We had used shrinkwrap to lock down the versions but something must have slipped.
I have spent days on this and at some point it came to me that the problem lies with the package manager not doing what I want. So I managed to install the packages I wanted and shrinkwrapped it using npm#3.10.10 which is what I get when I use node#6.12.3 (nvm use 6.12.3). And when I want to run the app I just switch to the node#0.10.32 to make sure that is going to work on the service.
Can anyone think of any problems with this solution or a reason I shouldn't do that?
Side question
I noticed that when installing node versions using nvm, they usually come with a specific version of npm? What is the relation of those versions? How are they decided? Was it the latest npm version along with that node version when it was released? Is it the latest version of npm that can run with that specific version of node?
I installed Node JS several months ago and played around a bit. Today, I wanted to start learning more about node and before coding, I decided I wanted to make sure I had the latest version.
I checked the version and it was something like v0.10.3x. I looked on the NodeJS website and it shows the latest version as v4.1.0. So I thought Woahhh! I better upgrade and I couldn't believe it moved that fast to a 4.x version in only a few months.
I spent quite some time trying to figure out how to completely uninstall node and npm because I couldn't seem to upgrade it.
Finally I got it all ripped out, then installed in on CentOS 7 using yum. I know I won't get the latest version through yum but, I figured it would be close enough.
After install, I am at v0.10.40.
I have a feeling I just don't understand something about NodeJS version numbers.
Yeah if you only used the official node.js runtime then it would have appeared to jump from 0.12.x all the way to 4.0.0 in one fell swoop. What you may not have known was that node devs that were sick of how much the node repository was stagnating made a fork of the project and called it io.js. Under the io.js name the project marched forward over the last six months or so; it started at v1.x and iterated all the way through 2.x and 3.x in that time. Old node.js used a different versioning system wherein the odd versions were unstable and even versions were stable. Io.js switched to using semver versioning semantics like packages on npm already use.
After a lot of deliberation Joyent (original maintainers of node.js) finally caved in and helped form a proper open committee around node in an effort to push the project forward in much the same way io.js was already doing. A few months ago they agreed to merge io.js back into node.js (which was the goal of those who created io.js in the first place). They finally finished merging the two projects recently. The name io.js is no more and node.js lives on starting at v4.0. It will continue to use semver semantics like io.js did :)
Going forward things with node will be MUCH simpler. I'm excited to see where the project goes from here.
That is because since v4.0, the Node.js project and the io.js project that are now combined.
As for the io.js project, the version numbers were like v3.x, v2.x and v1.x.
Reference https://nodejs.org/en/blog/release/v4.0.0/
You can use NVM(Node Versioning manager) for avoiding confusion.
Benefit of this package is you can switch b/w two versions according to your convenient. Its a very easy to use tool.
https://www.liquidweb.com/kb/how-to-install-nvm-node-version-manager-for-node-js-on-ubuntu-12-04-lts/
if you use npm you can upgrade with
sudo npm cache clean -f
sudo npm install -g n
sudo n stable
once done try node -v to see what you got
see more at http://davidwalsh.name/upgrade-nodejs
You can update node or npm using command line. You need to have a version of node or npm installed in your machine.
Use the following command in you terminal.
npm install node -g
npm install npm
You can also install the specific version of node, Like this.
npm install node#8.1.3
npm install npm#4.1.2
Here 8.1.3 is a version number. Use any of the version you want to install.
See title. I searched all across the internets and could not find a firm answer.
The reason I want to use npm3 is because I am working in a Windows environment and I am hitting the dreaded too long path name. Migrating off Windows is not a viable option at this time.
Also, I can not upgrade to node 5.x because I use the karma test runner, which is not yet supported on node 5.x
So, I want to use node 4.x with npm 3.x.
I have successfully updated my machine, using the slick npm-windows-upgrade package, to use npm 3 with node 4.
After the upgrade, I did see a couple issues with karma not realizing jasmine/phantomjs was available. The workaround was simply to install both those packages locally.
Yes. The npm 3.x is compatible with node 4.x.
In fact, any node >= 0.8 is okay.
This has been documented in
https://www.npmjs.com/package/npm#important
You need node v0.8 or higher to run this program.
And more, I suggest you to use the nvm
https://github.com/creationix/nvm
It very easy to switch in various node environments with nvm.
Your jasmine/phantomjs is references by peerDependencies, npm 2.x will install it if missing, and an error will be reported if found version conflict by multiple package.
As you known ,the npm 3.x flatten the package dependencies, peerDependencies will print a line of warn message only(will not be instal), you should manually include peerDependencies in your package.json file, this means it is you that decide which version should be installed.
I installed Node JS several months ago and played around a bit. Today, I wanted to start learning more about node and before coding, I decided I wanted to make sure I had the latest version.
I checked the version and it was something like v0.10.3x. I looked on the NodeJS website and it shows the latest version as v4.1.0. So I thought Woahhh! I better upgrade and I couldn't believe it moved that fast to a 4.x version in only a few months.
I spent quite some time trying to figure out how to completely uninstall node and npm because I couldn't seem to upgrade it.
Finally I got it all ripped out, then installed in on CentOS 7 using yum. I know I won't get the latest version through yum but, I figured it would be close enough.
After install, I am at v0.10.40.
I have a feeling I just don't understand something about NodeJS version numbers.
Yeah if you only used the official node.js runtime then it would have appeared to jump from 0.12.x all the way to 4.0.0 in one fell swoop. What you may not have known was that node devs that were sick of how much the node repository was stagnating made a fork of the project and called it io.js. Under the io.js name the project marched forward over the last six months or so; it started at v1.x and iterated all the way through 2.x and 3.x in that time. Old node.js used a different versioning system wherein the odd versions were unstable and even versions were stable. Io.js switched to using semver versioning semantics like packages on npm already use.
After a lot of deliberation Joyent (original maintainers of node.js) finally caved in and helped form a proper open committee around node in an effort to push the project forward in much the same way io.js was already doing. A few months ago they agreed to merge io.js back into node.js (which was the goal of those who created io.js in the first place). They finally finished merging the two projects recently. The name io.js is no more and node.js lives on starting at v4.0. It will continue to use semver semantics like io.js did :)
Going forward things with node will be MUCH simpler. I'm excited to see where the project goes from here.
That is because since v4.0, the Node.js project and the io.js project that are now combined.
As for the io.js project, the version numbers were like v3.x, v2.x and v1.x.
Reference https://nodejs.org/en/blog/release/v4.0.0/
You can use NVM(Node Versioning manager) for avoiding confusion.
Benefit of this package is you can switch b/w two versions according to your convenient. Its a very easy to use tool.
https://www.liquidweb.com/kb/how-to-install-nvm-node-version-manager-for-node-js-on-ubuntu-12-04-lts/
if you use npm you can upgrade with
sudo npm cache clean -f
sudo npm install -g n
sudo n stable
once done try node -v to see what you got
see more at http://davidwalsh.name/upgrade-nodejs
You can update node or npm using command line. You need to have a version of node or npm installed in your machine.
Use the following command in you terminal.
npm install node -g
npm install npm
You can also install the specific version of node, Like this.
npm install node#8.1.3
npm install npm#4.1.2
Here 8.1.3 is a version number. Use any of the version you want to install.