[BUG] npm in Node.js nightly release consistently prints warning messages

[guest271314]

Is there an existing issue for this?

• I have searched the existing issues

This issue exists in the latest npm version

• I am using the latest npm

Current Behavior

The npm shipped in Node.js nightly releases displays a warning when run.

Expected Behavior

No warning messages from npm when I fetch the Node.js nightly release.

Steps To Reproduce

Download Node.js nightly release. Observe the warning when running npm

npm WARN cli npm v10.1.0 does not support Node.js v21.0.0-nightly20230916db8217b1bf. This version of npm supports the following node versions: `^18.17.0 || >=20.5.0`. You can find the latest version at https://nodejs.org/.

Environment

• npm:

npm -v
npm WARN cli npm v10.1.0 does not support Node.js v21.0.0-nightly20230916db8217b1bf. This version of npm supports the following node versions: `^18.17.0 || >=20.5.0`. You can find the latest version at https://nodejs.org/.
10.1.0

• Node.js: v21.0.0-nightly20230916db8217b1bf
• OS Name: Linux
• System Model Name:
• npm config:

 npm config ls
npm WARN cli npm v10.1.0 does not support Node.js v21.0.0-nightly20230916db8217b1bf. This version of npm supports the following node versions: `^18.17.0 || >=20.5.0`. You can find the latest version at https://nodejs.org/.
; node bin location = /home/user/node-v21.0.0-nightly20230916db8217b1bf-linux-x64/bin/node
; node version = v21.0.0-nightly20230916db8217b1bf
; npm version = 10.1.0

[guest271314]

Solution: Ship the latest npm in Node.js nightly release so we don't have to so something like npm install npm@latest after downloading the nightly release of Node.js. The equalivalent of npm nightly should be in the Node.js nightly releases.

[ljharb]

Is this really worth fixing? It's node nightly, very, very few people on the planet should be using it outside of node core collaborators.

[guest271314]

Is this really worth fixing? It's node nightly, very, very few people on the planet should be using it outside of node core collaborators.

Yes.

I download the latest Chromium Dev Channel, Chrome-For-Testing, Mozilla's Nightlu, Deno, and Node.js's nightly release every few days, or less.

Developers in the field are testing tip-of-tree gear. I test until the application breaks. I would expect maintainers of nightly releases to encourage feedback on new features and what is broken or can be broken or exploited.

I understand GitHub owns npm, not Node.js, which is why I filed the bug report here. The only reason I can think of this happening is lack of synchronicity between Node.js and GitHub-owned npm which results in the warning message. After npm install npm@latest that warning message appears to cease. It seems Node.js nightly release should fetch the latest npm from wherever GitHub's npm latest is maintained and write that into the nightly release, so folks who test Node.js, including Members, Collaborators, and developers in the field are not left wondering why Node.js nightly npm command prints wanrings on first use when it looks like there is a simple path to avoid that.

[guest271314]

One reason I keep downloading Node.js release specificically is to check if fetch() and WHATWG Streams implementation has changed any; where there is at least one case where Node.js's fetch() and WHATWG Streams implementation halts; does not full-duplex stream.

Chromium is constantly testing new features. For that matter so is Node.js. Thus, nightly releases, where it is reasonable to expect all code including to be tip-of-tree; however sourced from third-party dependencies.

[ljharb]

I am highly skeptical of your claim that developers in the wild are testing on node nightly.

[guest271314]

That is a separate matter. I donlt think you have metrics on who is downloading Node.js nightly release. I do. Every couple days or so.

What are your numbers for Node.js downloads per day?

That is not really germaine to the reason I filed ths bug. I expected the latest of the entire Node.js world in the nightly release. I would think the people who publich that release, including maintainers, don;t want to be greeted by warning messages from npm.

Ironically for quite some time I deliberately got rid of everything except the node executable from the nightly release and just used the built-ins.

Now I am involved in some experiments where I use npm, and am greeted by a warning message that appears to be trivial to fix. Is that an unreasonable expectation for npm shipped in the Node.js nightly release?

Are the core collaborators good with shipping npm in the nightly release that prints warnings immediately on first run?

[ljharb]

I'm sure they are; that's been the case for many many years.

[guest271314]

Wow.

[guest271314]

So what do you do? Run npm install npm@lastest or something like that when you are running the noghtly node release with the npm shipped in the archive that is evidently not the latest release of npm?

[ljharb]

I mean, i don't bother using node nightly, but what I assume the few folks that do use it do is just, ignore the warnings? it's a warning, not an error.

I'm sure you can suppress it by setting something like loglevel in ~/.npmrc, if it really bothers you.

[guest271314]

I mean, i don't bother using node nightly, but what I assume

So you're not really sure. Even about collaborators. Certainly not from experience. Perhaps ask your collegues what they think about this. Or is there nothing you can do to make sure the nightly archive is as advertised - nightly - not just nightly node executable?

I'm sure you can suppress it by setting something like loglevel in ~/.npmrc, if it really bothers you.

It's not bothering me. I was expecting all of the source code in the nightly release to be tip-of-tree, the latest node and npm. Not nightly node and non-latest npm.

Is this unsynchronicity a result of npm being owned by an entity other than Node.js?

[ljharb]

No, it's because npm is a separate project. It's updated in node with PRs, manually, and simply can't be done on a nightly basis.

[guest271314]

It's updated in node with PRs, manually, and simply can't be done on a nightly basis.

I'm skeptical of that claim.

[guest271314]

Looked at the source and it looks 3 months old. If npm can't be updated manually as you claim, then the warning message should go away as npm is compatible with nightly node release.

Feel free to close this if you want. Or, find a way to suppress that warning. Just somethink I'll note re Node.js environment.

Have a great day.