Thanks, Tony. Those seem pretty good reasons to stay with npm@5. I don't have a lot of skin in this game, except for working with the DevOps team in supporting the CI pipelines and dealing with issues. So if npm@5 gives us the performance we like and less breaking changes, +1 from me.
I'll leave the lockfile discussion to you guys since you would have to work with that on a daily basis. No concerns from my side at this point. ________________________________________ From: Tony Atkins <[email protected]> Sent: Thursday, June 8, 2017 05:14 To: Tirloni, Giovanni Cc: [email protected] Architecture Subject: Re: [Architecture] Fwd: announcing npm@5 Hi, Giovanni: Thanks for taking the time to respond. I'll respond to the question "why can't we use yarn?" first, with the examples that I've encountered. The "sharp" issues happen in OS X, running "yarn install", for example, in this repo and branch: https://github.com/the-t-in-rtf/ul-api/tree/UL-65 If I run "yarn install" for that repo, it fails for me unless I install "node-gyp" globally. Both npm 3 and npm 5 install all dependencies without requiring node-gyp to be installed globally. I just figured that one out this morning, it's not really a blocker, more "friction" (extra stuff we have to do vs. npm). In this case, it's with a lower case "f". What's more serious are the "leveldown" issues, which happen in Windows. I have updated the Vagrant config for my fork of gpii-pouchdb to install yarn: https://github.com/the-t-in-rtf/gpii-pouchdb If you check that out and run the following, you should see the yarn error (commands in italics, instructions in normal text): * vagrant destroy -f * vagrant up * vagrant ci test --stage setup * vagrant ci test --stage vdrive * open a shell in the VM, navigate to v: * yarn install You'll see that leveldown fails to install with yarn. Running the command npm install from the same directory succeeds with both npm 3.10.8 and npm 5.0.3. Although this problem may indeed be solvable, at least for me, the overall "friction" is simply lower with npm. I'd like to hear from people who have hit the limits of npm@3 about their experiences with yarn and npm@5, I think that would help us decide as a group which of the two paths makes the most sense. In the interest of keeping this readable, I'll stop for now and comment on other topics in separate replies. Cheers, Tony On Wed, Jun 7, 2017 at 7:15 PM, Tirloni, Giovanni <[email protected]<mailto:[email protected]>> wrote: +1 for adopting yarn or npm5, and lock files. npm5 comes by default starting with node 8.x (current, future LTS) $ docker run inclusivedesign/nodejs:current npm -v 5.0.0 Performance-wise, yarn continues to be faster (https://github.com/thomaschaaf/npm-vs-yarn) but if it's missing features we need, that makes yarn less relevant in face of npm@5 performance improvements. How can I reproduce the leveldown issue? What environment is it happening on? On 06/01/2017 06:49 AM, Tony Atkins wrote: > Hi, All. > > I'm sure a few of you have seen this already, but I thought I'd use it as a > chance to resume our discussions regarding next-gen package management, which > previously focused on yarn. The new version of npm seems to be pulling in a > few yarn-like improvements (lock files, better speed). It seems like the one > practical change is committing a new type of lock file. We'd want to confirm > that the new lock files are ignored by earlier versions of npm, which is > pretty easy to confirm in Vagrant tests. > > On that note, I'm volunteering to try this out for a while. My ground rules > for myself are that whatever changes I commit related to the new version, I > only expect reviewers to accept and merge if the tests keep passing in > Vagrant and the version of npm included in the "Apps" images (currently > 3.10.8). If these are horrible or incomplete ground rules, please comment. > > Also, if anyone else wants to join me, please reply so I know whom to mention > in chats on IRC. I'd particularly love to enlist someone who uses Windows as > their daily driver, as there have been multiple issues unique to that > environment in the past (I'm looking at you, leveldown). > > Cheers, > > > Tony > > ---------- Forwarded message ---------- > From: *Isaac Schlueter* <[email protected]<mailto:[email protected]> > <mailto:[email protected]<mailto:[email protected]>>> > Date: Wed, May 31, 2017 at 5:06 PM > Subject: announcing npm@5 > To: [email protected]<mailto:[email protected]> > <mailto:[email protected]<mailto:[email protected]>> > > > __ > Hi! > > Starting today, typing `npm install npm@latest -g` will update you to npm > version 5.0.1. > > npm@5 is all new and packed with performance, reliability, and usability > improvements we know you’ll love. These include a new approach to lockfiles, > more robust caching, and incredible speed — for many common tasks, npm@5 is > up to /5x/ faster than previous versions. > > The update is available now and we recommend it for everyone. Whether you’re > finding open source packages on the npm Registry, organizing your team’s code > with Orgs > <http://s2030806319.t.en25.com/e/er?utm_campaign=2017-05-31%20npm%405%20all-sub%20email&utm_medium=email&utm_source=Eloqua&s=2030806319&lid=117&elqTrackId=39916DE6512B37FD8BBCF2D1E413B114&elq=b465a4f2f0f8488981d3180948b7e71c&elqaid=350&elqat=1>, > or installing apps behind your firewall with npm Enterprise > <https://npmjs.com/enterprise?utm_campaign=2017-05-31%20npm%405%20all-sub%20email&utm_medium=email&utm_source=Eloqua&utm_source=Eloqua&utm_medium=email&utm_campaign=20170531&elqTrackId=5B7A39B30E640E56C0C318F9225A04A0&elq=b465a4f2f0f8488981d3180948b7e71c&elqaid=350&elqat=1&elqCampaignId=107>, > npm@5 will make it faster and easier than ever to build amazing things. > > You can learn more about npm@5 here > <http://s2030806319.t.en25.com/e/er?utm_campaign=2017-05-31%20npm%405%20all-sub%20email&utm_medium=email&utm_source=Eloqua&s=2030806319&lid=116&elqTrackId=B90694C8BE3137E70040E0F3EFC1DF23&elq=b465a4f2f0f8488981d3180948b7e71c&elqaid=350&elqat=1>. > After you’ve installed it, we hope you’ll let us know what you think > <http://s2030806319.t.en25.com/e/er?utm_campaign=2017-05-31%20npm%405%20all-sub%20email&utm_medium=email&utm_source=Eloqua&s=2030806319&lid=13&elqTrackId=3B624F5AC6BC4FCCBC477A6BCBD47E88&elq=b465a4f2f0f8488981d3180948b7e71c&elqaid=350&elqat=1>, > and if you run into trouble, just drop us a line > <mailto:[email protected]<mailto:[email protected]>>. > > > npm ♥ you > > Isaac Z. Schlueter, CEO > and the wombats of npm, Inc. > > > npm, Inc. > 1999 Harrison Street, Suite 1150, Oakland, CA 94612 > > unsubscribe > <http://s2030806319.t.en25.com/e/u?s=2030806319&elq=b465a4f2f0f8488981d3180948b7e71c> > > _______________________________________________ Architecture mailing list [email protected] http://lists.gpii.net/mailman/listinfo/architecture
