JSJ 266 NPM 5.0 with Rebecca Turner
JavaScript Jabber20 Kesä 2017

JSJ 266 NPM 5.0 with Rebecca Turner

On today’s episode of JavaScript Jabber, Charles Max Wood and panelist Joe Eames chat with Rebecca Turner, tech lead for https://www.npmjs.com/, a popular Javascript package manager with the worlds largest software registry. Learn about the newly released NPM 5 including a few of the updated features. Stay tuned![1:58] Was the release of node JS 8 tied to NPM5?
- Features in NPM5 have been in planning for 2 years now.
- Planned on getting it out earlier this year.
- Node 8 was coming out and got pushed out a month.
- Putting NPM5 into Node 8 became doable.
- Pushed really hard to get NPM5 into https://nodejs.org/en/blog/release/v8.0.0/ so that users would get NPM5 and updates to NPM5.
[2:58] Why would it matter? NPM doesn’t care right?
- Right you can use NPM5 with any version of node.
- Most people don’t update NPM, but upgrade Node.
- So releasing them together allowed for when people updated Node they would get NPM 5.
[3:29] How does the upgrade process work if you’re using NVM or some node version manager?
- Depends. Different approaches for each
- NVM gets a fresh copy of Node with new globals. NVM5 and Node 8 are bundled.
- For some, If you manually upgrade NVM you’ll always have to manually. It will keep the one you manually upgraded to.
[4:16] Why NPM 5?
- It’s night and day faster.
- 3 to 5 times speed up is not uncommon.
- Most package managers are slow.
- NPM 5 is still growing. Will get even faster.
[5:18] How did you make it faster?
- The NPM’s cache is old. It’s very slow. Appalling slow.
- Rewrote cache
- Saw huge performance gains
[5:49] What is the function of the cache?
- Cache makes it so you don’t have to reinstall modules from the internet.
- It has registry information too.
- It will now obey http headers for timing out cache.
[6:50] Other things that made it faster?
- Had a log file for a long time. It was called https://docs.npmjs.com/cli/shrinkwrap.
- NPM 5 makes it default.
- Renamed it to packagelog.json
- Exactly like shrinkwrap package file seen before
- In combo with cache, it makes it really fast.
- Stores information about what the tree should look like and it’s general structure.
- It doesn’t have to go back and learn versions of packages.
[7:50] Can you turn the default Packagelog.json off?
- Yes. Just:
- Set packagelog=false in the npmrc
[8:01] Why make it default? Why wasn’t it default before?
- It Didn’t have it before. Shrinkwrap was added as a separate project enfolded in NPM and wasn’t core to the design of NPM.
- Most people would now benefit from it. Not many scenarios where you wouldn’t want one.
- Teams not using the same tools causes headaches and issues.
[9:38] Where does not having a lock show up as a problem?
- It records the versions of the packages installed and where NPM put them so that when you clone a project down you will have exactly the same versions across machines.
- Collaborators have the exact same version.
- Protects from issues after people introduce changes and patch releases.
- NPM being faster is just a bonus.
- Store the sha512 of the package that was installed in the glock file so that we can verify it when you install. It’s Bit for bit what you had previously.
[11:12] Could you solve that by setting the package version as the same version as the .Json file?
- No. That will lock down the versions of the modules that you install personally, not the dependancies, or transitive dependancies.
- Package log allows you to look into the head of the installer. This is what the install looks like.
[12:16] Defaulting the log file speed things up? How?
- It doesn’t have to figure out dependences or the tree which makes it faster.
- Shrinkwrap command is still there, it renames it to shrinkwrap but shrinkwrap cannot be published.
- For application level things or big libraries, using shrinkwrap to lock down versions is popular.
[13:42] You’ve Adopted specifications in a ROC process. When did you guys do that?
- Did it in January
- Have been using them internally for years. Inviting people into the process.
- Specifications
- Written in the form of “Here is the problem and here are the solutions.”
- Spec folder in NPM docs, things being added to that as they specify how things work.
- Spec tests have been great.
[14:59] The update adds new tools. Will there be new things in registry as well?
- Yes.
- Information about a package from registry, it returns document that has info about every version and package json data and full readme for every version.
- It gets very large.
- New API to request smaller version of that document.
- Reduces bandwidth, lower download size, makes it substantially faster.
- Used to be hashed with sha1, With this update it will be hashed with sha512 as well as sha1 for older clients.
[16:20] Will you be stopping support for older versions?
- LTS version of NPM was a thing for a while. They stopped doing that.
- Two models, people either use whatever version came with Node or they update to the latest.
- The NPM team is really small. Hard to maintain old NPM branches.
- Supports current versions and that’s pretty much it.
- If there are big problems they will fix old versions. Patches , etc.
[17:36] Will there ever be problems with that?
- Older versions should continue to work. Shouldn’t break any of that.
- Can’t upgrade from 0.8.
- It does break with different Node version
- Does not support Node versions 0.10 or 0.12.
[18:47] How do you upgrade to NPM?
- sudo npm install -gmpm
- Yes, you may not need sudo. depend on what you’re on.
[19:07] How long has it been since version 4?
- Last October is when it came out.
[19:24] Do you already have plans for version 6?
- Yes!
- More releases than before coming up.
- Finally deprecating old features that are only used in a few packages out of the whole registry.
- Running tests on getting rid of things.
[20:50] Self healing cache. What is it and why do we want it?
- Users are sometimes showing up where installs are broken and tarbols are corrupted.
- This happens sometimes with complicated containerization setups makes it more likely. It’s unclear where the problem actually is.
- https://www.npmjs.com/package/cacache - content addressable cache. Take the hash of your package and use it to look up address to look it up in the cache.
- Compares the Tarbol using an address to look it up in the cache.
- Compares to see if it’s old. Trashes old and downloads updated one.
- Came out with the cache. Free side effect of the new cache.
[23:14] New information output as part of the update?
- NPM has always gave back you the tree from what you just installed.
- Now, trees can be larger and displaying that much information is not useful.
- User patch - gives you specifically what you asked for.
- Information it shows will be something like: “I installed 50 items, updated 7, deleted 2.”
[24:23] Did you personally put that together?
- Yes, threw it together and then got feedback from users and went with it.
- Often unplanned features will get made and will be thrown out to get feedback.
- Another new things ls output now shows you modules that were deduped. Shows logical tree and it’s relationships and what was deduped.
[25:27] You came up to node 4 syntax. Why not go to node 8?
- To allow people with just node 4 be able to use NPM.
- Many projects still run Node 4. Once a project has been deployed, people generally don’t touch it.
[26:20] Other new features? What about the File Specifier?
- File specifier is new. File paths can be in package json, usually put inside pointing to something inside your package.
- It will copy from there to your node modules.
- Just a node module symlink.
- Much faster. Verifiable that what’s in your node modules matches the source. If it’s pointing at the right place it’s correct. If not, then it’s not.
- Earlier, sometimes it was hard to tell.
[27:38] Anything else as part of the NPM 5 release? Who do you think will be most affected by it?
- For the most part, people notice three things:
- 1st. no giant tree at the end
- 2nd. Much faster
- 3rd. Package lock.
[28:14] If it’s locked, how do you update it?
- Run npm installer and then npm update
- Used to be scary, but works well now.
- Updates to latest semver, matches semver to package json to all node modules.
- Updates package lock at the same time
- Summary in Git shows what’s changed.
[28:59] Did Yarn come into play with your decisions with this release?
- The plans have been in play for a long time for this update.
- https://yarnpkg.com/en/ inclusion of similar features and the feedback was an indicator that some of the features were valuable.
[29:53] Other plans to incorporate features similar to yarn?
- Features are already pretty close.
- There are other alternative package managers out there.
- PMPM interesting because when it installs it doesn’t copy all the files. It c

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

Jaksot(734)

030 JSJ Learning & Teaching JavaScript with Noel Rappin

030 JSJ Learning & Teaching JavaScript with Noel Rappin

PanelNoel Rappin (twitter github blog) Jamison Dance (twitter github blog) Charles Max Wood (twitter github Teach Me To Code Intro to CoffeeScript) AJ O’Neal (twitter github blog) Discussion 00:52 - Works in training and talent development for Groupon00:56 - Author of Rails Test Prescriptions and upcoming Master Space and Time with JavaScript01:21 - Writing a book about JavaScript02:33 - Focus of the bookPart 1: Jasmine and jQuery and the JavaScript Object Model Part 2: Extended examples of jQuery Part 3: Backbone Part 4: Ember 03:46 - Self-published authors05:15 - Approaches and mindsets to learning JavaScript06:04 - “Gotchas!” and bad features in Javascript09:17 - Modeling JavaScript for beginners11:23 - (AJ joins the podcast)11:42 - Resources/Classes for learning JavaScriptGood Parts Book: Douglas Crockford JavaScript Patterns: Stoyan Stefanov Eloquent JavaScript: A Modern Introduction to Programming: Marijn Haverbeke Maintainable JavaScript: Nicholas C. Zakas 13:54 - Hiring people with JavaScript experience at Groupon15:12 - Training workshops17:00 - Getting new hires up to speed quicklyPairing Mentoring Lectures Workshops 21:38 - Book LearningYou can learn at your own pace But it’s hard to ask questions to a book 22:51 - How Noel gained expertise in JavaScript24:38 - Code reading and learning to program a language26:18 - Teaching people JavaScript as their very first language31:55 - Classroom layout33:42 - Online trainingKahn Academy Computer ScienceCode AcademyStarter League40:00 - Finding a mentorStack Overflow PicksShrines by Purity Ring (Jamison) Learnable Programming: Bret Victor (Jamison) Mob Software: Richard P. Gabriel & Ron Goldman (Jamison) Monoprice.com (AJ) ZREO: Zelda Reorchestrated (AJ) The Official Twitter App (Chuck) Fluid App (Chuck) Try Jasmine! (Noel) Justin Searls (Noel) The Atrocity Archives: Charles Stross (Noel) Futurity: A Musical by The Lisps (Noel) Transcript NOEL: I’m trying to figure out where the chat is in this stupid Skype interface.JAMISON: Just imagine the worst place it could possibly be and that’s where it is.[This episode is sponsored by ComponentOne, makers of Wijmo. If you need stunning UI elements or awesome graphs and charts, then go to wijmo.com and check them out.][Hosting and bandwidth provided by The Blue Box Group. Check them out at bluebox.net]CHUCK: Hey everybody and welcome to Episode 30 of the JavaScript Jabber show! This week on our panel we have, Jamison Dance.JAMISON: Hey guys!CHUCK: I’m Charles Max Wood from devchat.tv and this week, we have a special guest and that’s Noel Rappin!NOEL: Hey everybody!CHUCK: For the people who don’t know who you are, you want to introduce yourself, Noel?NOEL:  Sure. I currently work in training and talent development for Groupon. And I am the author of previously “Rails Test Prescriptions” and currently a self-published book called “Master Time and Space with JavaScript”, which you can get at noelrappin.com. I need to spell that out, right? N-o-e-l-r-a-p-p-i-n.comCHUCK: So I’m little curious, before we get into the topic which is learning and teaching JavaScript, how did you get into writing a book about JavaScript? What’s your background there?NOEL: You know, it actually relates to teaching and learning JavaScript. I think, I was like… a lot of long time web devs. I spent my first round as a web consultant in around, turn of the century 2000’s. I spent time trying to talk clients out of JavaScript stuff because it was such a pain in the neck. And I kind of got away from it for awhile and came back a couple of years ago to realize that basically, everything had changed and they were actually usable tools now.And last summer, I was working with a… at that time,Special Guest: Noel Rappin. Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

4 Loka 201251min

029 JSJ Bower.js with Alex MacCaw and Jacob Thornton

029 JSJ Bower.js with Alex MacCaw and Jacob Thornton

PanelAlex MacCaw (twitter github blog) Jacob Thornton (Fat) (twitter github blog) AJ O’Neal (twitter github blog) Jamison Dance (twitter github blog) Joe Eames (twitter github blog) Charles Max Wood (twitter github Teach Me To Code Intro to CoffeeScript) DiscussionBower.js (web) Bower.js (twitter) Bower.js (github) SXSW Package managers ender-js BPM hem Benefits Small components Yeoman.io Browserify Dependencies Segmenting the community Transports Mozilla (github) Commands Building an actual package manager node.js Moving parts of a package manager Events Challenges Ember.js Mobile web application development Google Chrome apps Desktop apps in JavaScript PicksKershaw Ken Onion Tactical Blur Folding Knife (AJ) The xx: Coexist (Jamison) Neil Armstrong’s Solemn but Not Sad Memorial Cathedral (Jamison) Collective Soul Cat (Jamison) Amazon Prime (Joe) Star Trek Original Series on Amazon Prime (Joe) Functional Programming Principles in Scala: Martin Odersky (Joe) Domo (hiring!) (Joe) Delegation in Google (Chuck) Civilization IV (Chuck) Fujitsu ScanSnap (Chuck) Bill Nye’s Twitter Account getting suspended was not cool (Jacob) Github + Twitter profile redesign (Jacob) Avoid 7/11 Hot Dog Flavored Chips (Jacob) The Big Picture (Alex) CoffeeScriptRedux (Alex) Stripe (Alex) Special Guests: Alex MacCaw and Jacob Thornton. Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

2 Loka 201247min

028 JSJ Greenfield vs Brownfield Projects

028 JSJ Greenfield vs Brownfield Projects

PanelJoe Eames (twitter github blog) AJ O'Neal (twitter github blog) Jamison Dance (twitter github blog) Charles Max Wood (twitter github Teach Me To Code Rails Summer Camp) DiscussionGreenfield - Brand New Project Brownfield - Older Applications, Legacy Code Poopfield - PHP Development Dealing With Legacy Code Use Tests Working Effectively with Legacy Code - Michael Feathers Risk When is the big rewrite the correct answer? PicksJoseph Smith: Rough Stone Rolling (AJ) Roll Up Crepes (AJ) Calepin (AJ) Bernie (Jamison) Dota 2 (Jamison) Derrick Storm Novels - A Brewing Storm, A Bloody Storm, A Raging Storm (Joe) Castle (Joe) X-Wing Mineatures (Joe) PEX For Fun (Joe) MLG Championship - Starcraft Duel (Joe) VESA 75 to 100 Adapter (Chuck) LG Tone Bluetooth Headphones (Chuck) Transcript JOE: Listen baby, it won’t get weird.JAMISON: [Chuckles]AJ: That sounds... weird.JAMISON: [Chuckles] Too Late.[Hosting and bandwidth provided by the Blue Box Group. Check them out at bluebox.net.][This episode is sponsored by Harvest. I use Harvest to track time, track subcontractor’s time and invoice clients. Their time tracking is really simple and easy to use. Invoicing includes a ‘pay now’ function by credit card and PayPal. And you can sign up at getharvest.com. Use the code RF to get 50% off your first month.]CHUCK: Hey everybody and welcome to episode 28 of the JavaScript Jabber show. This week on our panel, we have AJ O’Neil.AJ: Yo, yo, yo comin’ at you live from the second story of an office base in Orem, Utah.CHUCK:  We also have Jamison Dance.JAMISON: Hi, I’m Jamison Dance and I am super excited, because today iTV just announced that we are doing the Nintendo TV thing; and I haven’t been able to talk about it for, like, six months, so it’s a good day.CHUCK: Cool. We also have Joe Eames.JOE: Comin at you semi live from American Fork, Utah.CHUCK: And I am Charles Max Wood from devchat.tv. Tim is not with us this week because he is in China. I thought I’d point that out, because I think it’s cool. Anyway, this week we are going to be talking about Greenfield versus Brownfield projects. It was kind of funny when we were getting ready to do this, some of the panels were like, Green/Brown?JAMISON: Yeah, I have to pull Josh Susser and ask for a definition.CHUCK: So, as far as I understand it, there are some new --- to this, depending to who you talk to, but mostly, Greenfield is a brand new project with few or no decisions made and no code written for it yet. And Brownfield projects are effectively older applications usually associated with legacy code. You know, so it’s an application that already has code written toward it. Typically, it is out there in the world doing whatever it is supposed to do.JAMISON: Now, I want to put this question delicately. Are there any fecal connotations to the color ‘brown’ in Brownfield?CHUCK: Only if it’s PHP.JOE: [Chuckles]. Then it’s Poopfield Development?CHUCK: [Chuckles]. Okay, we are not gonna go down that tangent.[Laughter]AJ: Because, I mean honestly, when Mormons make jokes about crap, it never sounds good anyway.CHUCK: Yeah. So anyway, how many of you guys have actually worked on a real Greenfield project? Like been there from day one, that you have it just built yourself.JAMISON: I guess it depends on your definition. Maybe. So we have lots of services at ITV, so I've been part of spinning up completely new services that didn’t exist. We had other sort of similar things already, so some of the decisions were already made for, so we kind of had a style established. But it was still like a separate project.AJ: Do you forget us so soon, Jamison?JAMISON: [Chuckles].AJ: You don’t remember ever working here or getting started…JAMISON: I do. I don’t remember Greenfield stuff; I remember new features, I mean, Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

21 Syys 201214min

027 JSJ The JavaScript Community

027 JSJ The JavaScript Community

The panelists discuss the JavaScript community at large. Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

5 Syys 201249min

026 JSJ Code Organization and Reuse

026 JSJ Code Organization and Reuse

The panelists talk about code organization and reuse. Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

28 Elo 201256min

025 JSJ Require.js with James Burke

025 JSJ Require.js with James Burke

The panelists talk to James Burke about Require.js.Special Guest: James Burke . Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

21 Elo 201235min

024 JSJ Strata.js with Michael Jackson

024 JSJ Strata.js with Michael Jackson

Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

14 Elo 201243min

023 JSJ Phantom.js with Ariya Hidayat

023 JSJ Phantom.js with Ariya Hidayat

The panelists talk to Ariya Hidayat about Phantom.js.Special Guest: Ariya Hidayat. Support this podcast at — https://redcircle.com/javascript-jabber/donationsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

7 Elo 201240min

Suosittua kategoriassa Liike-elämä ja talous

sijotuskasti
psykopodiaa-podcast
rss-rahapodi
mimmit-sijoittaa
ostan-asuntoja-podcast
pomojen-suusta
rss-lahtijat
rss-bisnesta-bebeja
rss-sisalto-kuntoon
inderespodi
taloudellinen-mielenrauha
yrittaja
rss-startup-ministerio
rss-seuraava-potilas
rss-paasipodi
pari-sanaa-lastensuojelusta
bakkari-tarinoita-tapahtumien-takahuoneista
rss-markkinointiradio
rss-lindholm-savolainen
rss-podcast-podcasteista