Workspaces is a long-requested feature that gives NPM a set of features to manage multiple packages from within a singular, top-level root package. Driving the addition of this capability is a desire to manage multiple packages that may or may not be used together.
Also in version 7.0.0, NPM automatically installs peer dependencies. Previously, developers had to manage these on their own. A new peer dependency algorithm ensures that a validly matching peer dependency is found at or above the peer-dependent location in the node_modules tree. Note that automatic installation of peer dependencies could potentially break certain workflows.
Other new capabilities in NPM v7.0.0 include:
- A new package-lock format will enable deterministically reproducible builds and has what NPM needs to build the package tree. The NPM CLI now can use yarn.lock as a source of package metadata and resolution guidance.
- A refactoring of NPM internals, with an emphasis on separation of concerns. Internal changes are intended to ensure that the NPM code base is more reliable over time and easier to maintain. With this refactoring, the inspection and management of the node_modules tree has been moved to the Arborist module, for example. The refactoring is expected to result in faster deliveries of NPM updates.
- In a breaking change, the output of
npm audithas significantly changed both in the human-readable and
To try NPM v7.0.0 now, developers can install it by running
npm i -g npm@7 in their terminal. In an attempt to not break NPM workflows, NPM v7.0.0 will be rolled out over time. It will not be marked as
latest. Workflows will not get NPM v7.0.0 by default unless a user opts in by running
npm install -g npm@7 or installing Node.js 15.