1c23c1ed25
Notable changes: Corepack: Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Contributed by Maël Nison - https://github.com/nodejs/node/pull/39608 ICU updated: ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February. Contributed by Michaël Zasso - https://github.com/nodejs/node/pull/40658 New option to disable loading of native addons: A new command line option `--no-addons` has been added to disallow loading of native addons. Contributed by Dominic Elm - https://github.com/nodejs/node/pull/39977 Updated Root Certificates: Root certificates have been updated to those from Mozilla's Network Security Services 3.71. Contributed by Richard Lau - https://github.com/nodejs/node/pull/40280 Other Notable Changes: crypto: * (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) https://github.com/nodejs/node/pull/36341 lib: * (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) https://github.com/nodejs/node/pull/40433 * (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) https://github.com/nodejs/node/pull/40433 module: * (SEMVER-MINOR) support pattern trailers (Guy Bedford) https://github.com/nodejs/node/pull/39635 src: * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) https://github.com/nodejs/node/pull/39926 PR-URL: https://github.com/nodejs/node/pull/41696
5.0 KiB
Corepack
Stability: 1 - Experimental
Corepack is an experimental tool to help with managing versions of your package managers. It exposes binary proxies for each supported package manager that, when called, will identify whatever package manager is configured for the current project, transparently install it if needed, and finally run it without requiring explicit user interactions.
This feature simplifies two core workflows:
-
It eases new contributor onboarding, since they won't have to follow system-specific installation processes anymore just to have the package manager you want them to.
-
It allows you to ensure that everyone in your team will use exactly the package manager version you intend them to, without them having to manually synchronize it each time you need to make an update.
Workflows
Enabling the feature
Due to its experimental status, Corepack currently needs to be explicitly
enabled to have any effect. To do that simply run corepack enable, which
will set up the symlinks in your environment, next to the node binary
(and overwrite the existing symlinks if necessary).
From this point forward, any call to the supported binaries will work
without further setup. Should you experience a problem, just run
corepack disable to remove the proxies from your system (and consider
opening up an issue on the Corepack repository to let us know).
Configuring a package
The Corepack proxies will find the closest package.json file in your
current directory hierarchy to extract its "packageManager" property.
If the value corresponds to a supported package manager, Corepack will make sure that all calls to the relevant binaries are run against the requested version, downloading it on demand if needed, and aborting if it cannot be successfully retrieved.
Upgrading the global versions
When running outside of an existing project (for example when running
yarn init), Corepack will by default use predefined versions roughly
corresponding to the latest stable releases from each tool. Those versions can
be easily overriden by running the corepack prepare command along with the
package manager version you wish to set:
corepack prepare yarn@x.y.z --activate
Offline workflow
Many production environments don't have network access. Since Corepack
usually downloads the package manager releases straight from their registries,
it can conflict with such environments. To avoid that happening, call the
corepack prepare command while you still have network access (typically at
the same time you're preparing your deploy image). This will ensure that the
required package managers are available even without network access.
The prepare command has various flags, consult the detailed
Corepack documentation for more information on the matter.
Supported package managers
The following binaries are provided through Corepack:
| Package manager | Binary names |
|---|---|
| Yarn | yarn, yarnpkg |
| pnpm | pnpm, pnpx |
Common questions
How does Corepack currently interact with npm?
While Corepack could easily support npm like any other package manager, its shims aren't currently enabled by default. This has a few consequences:
-
It's always possible to run a
npmcommand within a project configured to be used with another package manager, since Corepack cannot intercept it. -
While
npmis a valid option in the"packageManager"property, the lack of shim will cause the global npm to be used.
Running npm install -g yarn doesn't work
npm prevents accidentally overriding the Corepack binaries when doing a global install. To avoid this problem, consider one of the following options:
-
Don't run this command anymore; Corepack will provide the package manager binaries anyway and will ensure that the requested versions are always available, so installing the package managers explicitly isn't needed anymore.
-
Add the
--forceflag tonpm install; this will tell npm that it's fine to override binaries, but you'll erase the Corepack ones in the process (should that happen, runcorepack enableagain to add them back).