+ - 0:00:00
Notes for current slide
Notes for next slide

title slide

1 / 103

you don't know

npm logo

2 / 103

http://bit.ly/fwdays-2017

(gh-pages: ashleygwilliams/fwdays-2017)

3 / 103

hi my name is @ag_dubs

space invader ghost dolphin

4 / 103

real-eyes

5 / 103

if you have some 💸 you can give it to us

6 / 103

if you have some 💸 you can give it to us

we'll use it to keep the registry running 🏃🏿

7 / 103

wombat

23 humans work at npm

8 / 103

wdu

https://twitter.com/sofianguy/status/626260419716317185

9 / 103

CLI

Registry

Website

10 / 103

CLI

✨Registry✨

Website

11 / 103

over the last year

70 billion

package downloads occured

https://twitter.com/seldo/status/845094537752014852. 23 March 2017.

12 / 103

rolling-weekly-download

https://twitter.com/seldo/status/845094537752014852. 23 March 2017.

13 / 103

stuff everybody knows

npm install

14 / 103

stuff not everyone knows

i dont know

15 / 103

npm isntall

sweatsmile sweatsmile sweatsmile

16 / 103

add deps from the CLI

npm i --save

npm i --save-dev

disk disk disk

17 / 103

add deps from the CLI

npm i -S

npm i -D

disk disk disk

18 / 103

show the dep tree

npm ls

list tree list

19 / 103

show just primary deps

npm ls --depth=0

list list list

20 / 103

npm prune

21 / 103

npm... global cache?

.npm/

modules are stored in the home directory

... but you can't use this offline because it still hits the network

22 / 103

npm install offline

npm install --cache-min 999999

we should probably just alias this to:

npm install --offline

money money money

23 / 103

npm install offline

npm pack

npm install my-pkg.tgz

create a tarball out of any package and then use install directly on the tarball

shirt soon suitcase

24 / 103

pack your deps!

bundledDependencies

pack doesn't add your pkg's deps BUT

bundled deps are added to the tarball!

suitcase soon suitcase

25 / 103

  • dependencies juggling

  • devDependencies hammer wrench

  • optionalDependencies ghost

  • peerDependencies plug

26 / 103

lock down your deps

npm shrinkwrap

shrinkwrap

27 / 103

update your shrinkwrap

--save and --save-dev

- don't need to shrinkwrap everytime

- new with npm3!

lock-pen new lock-pen

28 / 103

why not a default feature?

29 / 103

we believe in semver

want to believe

30 / 103

semver.npmjs.com

semverdotnpmjs

31 / 103

semver made easy

npm version <type>

types: major, minor, patch

  • major: breaking changes

  • minor: feature add

  • patch: bug fix, docs

32 / 103

npm wants to make your life easy

nerd sunglasses nerd

33 / 103

automate all the things

npm run $anything

- test, start

- customize!

theater runner theater

34 / 103

lifecycle events

lifecycle events

seedling plant tree

35 / 103

npm i --save-dev husky

husky husky

36 / 103

npm i -D shelljs

shelljs

37 / 103

get stuff for free

npm run env

config and package.json as variables

sparkles free sparkles

38 / 103

never install something globally again

no global no

39 / 103

never install something globally again

no global no

ok fine, maybe sometimes

40 / 103

why run scripts?

41 / 103

why run scripts?

because they are versioned

42 / 103

let's look at an example

{
  "...": "...",
  "scripts": {
    "test": "npm run test:backend && npm run test:frontend",
    "posttest": "standard",
    "test:backend": "lab --assert code --timeout 5000",
    "test:frontend": "karma start",
    "...": "..."
  },
  "devDependencies": {
    "...": "...",
    "karma": "^1.1.1",
    "lab": "^13.0.1",
    "standard": "^10.0.2",
    "...": "..."
  }
}
43 / 103

don't hardcode node_modules

{
  "...": "...",
  "scripts": {
    "start": "./node_modules/mocha/bin/mocha"
  },
  "...": "..."
}
44 / 103

don't hardcode node_modules

{
  "...": "...",
  "scripts": {
    "start": "mocha"
  },
  "...": "..."
}
45 / 103

cute dog break!

46 / 103

how to publish

47 / 103

publishes

48 / 103

39,692 publishes/week

49 / 103

new packages

50 / 103

4,685 new packages last week

51 / 103

~160 people publish their first package every week

52 / 103

102,460 publishers

53 / 103

create a package.json

npm init

  • knows your deps from node_modules

  • knows your repository from git repo

  • always adds keys, never deletes

chick

54 / 103

create a package.json with defaults

npm init --yes

yes

55 / 103

customize npm init questions

~/.npm-init.js

enforce license and best practices

question art question

56 / 103

check your package before you publish!

npm pack

tar xvzf pkg.tar.gz

57 / 103

.npmignore

- will match your .gitignore if no .npmignore

- an empty .npmignore will override a .gitignore

- you can't ignore some things, like package.json or a README

58 / 103

"files": [...]

- add as an array to your package.json

- list the files that should be included

- some things are included even if they aren't listed like package.json or a README

59 / 103

np by sindresorhus

np

https://github.com/sindresorhus/np

60 / 103

unpublishes

61 / 103

left-pad

62 / 103

left-pad

63 / 103

policy

http://blog.npmjs.org/post/141905368000/changes-to-npms-unpublish-policy

64 / 103

you can only unpublish within 24hrs

65 / 103

meta issue

66 / 103

dissociate and deprecate

67 / 103

npm deprecate

68 / 103

scoped packages

(fancy way of saying namespaced packages!)

69 / 103

scoped packages

npm i @scope/name

telescope

70 / 103

scoped packages

npm i @scope/name

telescope

scoped packages are private by default but you can make them public:

npm publish --access=public

71 / 103

we now have search and download stat support for scopes!

72 / 103

old bug

73 / 103

you already have a scope!

(hint: it's your user name!)

74 / 103

private packages

npm init --scope=<usrname>

Use your private modules side by side with modules from the public registry

lock dancers lock

75 / 103

npm organizations

npm team

  • create teams and add members

  • grant and revoke access to packages via teams

team team team

76 / 103

npm orgs are free for public packages!

tada tada tada

77 / 103

npm is being used for a lot of things we never expected

78 / 103

greenkeeper

79 / 103

npms

80 / 103

yarn

81 / 103

cnpm

82 / 103

and so can you!

83 / 103

public APIs

84 / 103

downloads API

blog downloads]

http://blog.npmjs.org/post/92574016600/numeric-precision-matters-how-npm-download-counts

85 / 103

https://github.com/npm/registry/blob/master/docs/download-counts.md

86 / 103

search API

search api

https://github.com/npm/registry/blob/master/docs/REGISTRY-API.md#get-v1search

87 / 103

registry changes-stream

https://replicate.npmjs.com

https://github.com/jcrugzz/changes-stream

88 / 103

write a registry follower

follower

https://github.com/npm/registry/blob/master/docs/follower.md

89 / 103

webhooks

priate wombat

90 / 103

hook events

https://github.com/npm/registry/tree/master/docs/hooks

91 / 103

notifications in slack

captain hook

https://github.com/npm/captain-hook

92 / 103

wombat cli

93 / 103

npm i wombat -g

wombat hook add <pkg> <url> <secret>

94 / 103

https://github.com/npm/registry/

registry repo

95 / 103

we are so excited to see what you build

96 / 103

update your npm!

npm i npm@latest -g

97 / 103

you can use any npm with any node version

98 / 103

you can use any npm with any node version

so you should always use the most up to date version

99 / 103

npm 5 is coming soon!

  • complete cache rewrite

  • --prefer-offline and --offline install flags

  • shrinkwrap integrity field

  • it's fast as heck ;)

WIP changelog: https://github.com/npm/npm/pull/16244

100 / 103
101 / 103

npm

102 / 103

thanks!

me => @ag_dubs

bit.ly/fwdays-2017

space invader ghost dolphin

103 / 103

you don't know

npm logo

2 / 103
Paused

Help

Keyboard shortcuts

, , Pg Up, k Go to previous slide
, , Pg Dn, Space, j Go to next slide
Home Go to first slide
End Go to last slide
b / m / f Toggle blackout / mirrored / fullscreen mode
c Clone slideshow
p Toggle presenter mode
t Restart the presentation timer
?, h Toggle this help
Esc Back to slideshow