Skip to content
This repository has been archived by the owner. It is now read-only.

@iarna iarna released this Jan 29, 2016 · 1760 commits to latest since this release

v3.7.0 (2016-01-20):

Hi all! This week brings us some important performance improvements, support for git submodules(!) and a bunch of bug fixes.


gauge, the module responsible for drawing npm's progress bars, had an embarrassing bug in its debounce implementation that resulted in it, on many systems, actually being slower than if it hadn't been debouncing. This was due to it destroying and then creating a timer object any time it got an update while waiting on its minimum update period to elapse. This only was a measurable slowdown when sending thousands of updates a second, but unfortunately parts of npm's logging do exactly that. This has been patched to eliminate that churn, and our testing shows the progress bar as being eliminated as a source of slow down.

Meanwhile, are-we-there-yet is the module that tracks just how complete our big asynchronous install process is. @STRML spent some time auditing its source and made a few smaller performance improvements to it. Most impactful was eliminating a bizarre bit of code that was both binding to AND closing over the current object. I don't have any explanation for how that crept in. =D

  • c680fa9 npmlog@2.0.2: New are-we-there-yet with performance patches from @STRML. New gauge with timer churn performance patch. (@iarna)

We were also using lodash's cloneDeep on package.json data which is definitely overkill, seeing as package.json data has all the restrictions of being json. The fix for this is just swapping that out for something that does a pair of JSON.stringify/JSON.parse, which is distinctly more speedy.


Long, long requested– the referenced issue is from 2011– we're finally getting rudimentary git submodule support.

  • 39dea9c #1876 Add support for git submodules in git remotes. This is a fairly simple approach, which does not leverage the git caching mechanism to cache submodules. It also doesn't provide a means to disable automatic initialization, e.g. via a setting in the .gitmodules file. (@gagern)


  • 5dec02a #10347 There is an obscure feature that lets you monkey-patch npm when it starts up. If the module being required with this feature failed, it would previously just make npm error out– this reduces that to a warning. (@evanlucas)


  • 9ab8b8d #10820 Fix a bug with npm ls where if you asked for ONLY production dependencies in output it would exclude dependencies that were BOTH production AND development dependencies. (@davidvgalbraith)
  • 6803fed #8982 Fix a bug where, under some circumstances, if you had a path that contained the name of a package being installed somewhere in it, npm would incorrectly refuse to run lifecycle scripts. (@elvanja)
  • 3eae40b #9253 Fix a bug where, when running lifecycle scripts, if the Node.js binary you ran npm with wasn't in your PATH, npm wouldn't use it to run your scripts. (@segrey)
  • 61daa6a #11014 Fix a bug where running rimraf node_modules/<package> followed by npm rm --save <package> would fail. npm now correctly removes the module from your package.json even though it doesn't exist on disk. (@davidvgalbraith)
  • a605586 #9679 Fix a bug where npm install --save git+https://… would save a https:// url to your package.json which was a problem because npm wouldn't then know that it was a git repo. (@gagern)
  • bbdc700 #10063 Fix a bug where npm would change the order of array properties in the package.json files of dependencies. npm adds a bunch of stuff to package.json files in your node_modules folder for debugging and bookkeeping purposes. As a part of this process it sorts the object to reduce file churn when it does updates. This fixes a bug where the arrays in the object were also getting sorted. This wasn't a problem for properties that npm itself maintains, but is a problem for properties used by other packages. (@substack)


  • 2609a29 #11273 Include an example of viewing package version history in the npm view documentation. (@vedatmahir)
  • 719ea9c #11272 Fix typographical issue in npm update documentation. (@jonathanp)
  • cb9df5a #11215 Do not call SEE LICENSE IN <filename> an SPDX expression, as it's not. (@kemitchell)
  • f427934 #11196 Correct the package.json examples in the npm update documentation to actually be valid JSON and not just JavaScript object literals. (@s100)


  • a7b2407 retry@0.9.0: New features and interface agnostic refactoring. (@tim-kos)
  • 220fc77 request@2.69.0: A bunch of small bug fixes and module updates. (@simov)
  • 9e5c84f which@1.2.4: Update isexe and fix bug in pathExt, in which files without extensions would sometimes be preferred to files with extensions on Windows, even though those without extensions aren't executable. pathExt is a list of extensions that are considered executable (exe, cmd, bat, com on Windows). (@isaacs)
  • 375b9c4 rimraf@2.5.1: Minor doc formatting fixes. (@isaacs)
  • ef1971e lodash.clonedeep@4.0.2: Misc minor code cleanup. No functional changes. (@jdalton)
Assets 2