You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed this commit, which could result in a 2-6 times increase in network traffic when requesting the full metadata instead of the "slim" version.
Are we sure this is what we want??
for example, installing npm (npm install npm) will now download 21MB of metadata instead of 2.1MB (x10 more!)
Additionally, I couldn't find any documentation on this.
The minified version of the packuments do not have all of the attributes that npm needs to install pacakges anymore. Work is being done on the registry to fix this, and until then we have to fetch the full packuments for all installations to work.
@wraithgar
That means the traffic could be up to 10x more... And that's just for the metadata..then there are the dependencies and their packuments, and the packages themselves..
Why not add it to the abbreviated package metadata?
For instance, npm install npm now downloads 21mb(!!) instead of 2.1mb(which is also very big) on the abbreviated data. That doesn't sounds right, and there are many many packages that have very big packuments... And as we know each npm install downloads a lot of these
@wraithgar,
Your response would be greatly appreciated.
I believe this change carries significant implications. Could you provide further details on your plans regarding it? Specifically, I'm interested in understanding if there will be modifications to the abbreviated package metadata or any alterations within the registry itself.
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
when running Npm install with the latest version Npm does not send any more the
accept: 'application/vnd.npm.install-v1+json'
header.https://github.com/npm/registry/blob/main/docs/responses/package-metadata.md
as a result, we are getting the full metadata and not the abbreviated metadta
Expected Behavior
Npm will send accept: 'application/vnd.npm.install-v1+json header as part of the npm install command.
Steps To Reproduce
npm install tiny-tarball and see the headers that send using proxy
Environment
node bin location = /opt/homebrew/Cellar/node/22.0.0/bin/node
; node version = v22.0.0
; npm version = 10.4.0
The text was updated successfully, but these errors were encountered: