Migrate to (bundled) npm 8 or newer #61
Description
Have you checked for existing feature requests?
- Completed
Summary
Switching to (bundled) npm 8 or newer in apm.
My first plan would be to ask the author of atom-community/apm#123 if it is okay to use their implementation at this repo. We can then verify whether it "just works" at that point, or needs more work for successful integration of newer npm into ppm.
What benefits does this feature provide?
Newer npm brings newer node-gyp.
- Newer node-gyp supports newer Visual Studio compiler toolchains...
- ppm is still built around npm 6 --> node-gyp 5.x. Visual Studio 2022 support was only added in node-gyp 8.4.0.
- And newer node-gyp also supports newer Python versions...
- Newer node-gyp (starting with node-gyp v8.0.0) has a fix for what is otherwise a syntax error with Python 3.11.
- Newer npm has node-gyp new enough to include the fix
Newer npm should be much faster than npm 6.
Allegedly, but I think in my personal use I have in fact seen it to be faster.
Newer npm will be supported further into the future.
In summary: Node 14 has npm 6. Node 16 has npm 8. Node 18 has npm 9.
Node 14 support ends 30 April, which is soon. We want to be on something newer for longer support.
Support timeline for various npm versions
See NodeJS support timeline, that's what most of this is based off of: https://github.com/nodejs/release#release-schedule
- Node 14 has come with npm 6 by default for a long time now. So npm 6.x has been implicitly sort of supported for all that time. Now Node 14 is about to be end of life (on the 30th of April 2023). So that implicit support for npm 6.x will also be ending, or so the rumor is.
- Node 16 comes with npm 8, so it will sort of implicitly be supported for a while, or rather at least until the 11th of September 2023 (https://github.com/nodejs/release#release-schedule). Node 16 support is actually ending quicker than usual, since it's the last version of Node on OpenSSL 1.1.1, OpenSSL 1.1.1 support is ending 11 September 2023, and newer Node is on OpenSSL 3. See: https://nodejs.org/en/blog/announcements/nodejs16-eol
- Node 18 has npm 9, so we should be able to use that all the way until 30 April 2025.
Note: Most of the biggest churn and breaking changes happened in npm 7, if I recall correctly / in my subjective recollection.
This was around the time GitHub acquired npm (!), and they (in my subjective opinion), went though a bit of a "move fast, break things" phase. They technically haven't stopped doing the "moving fast" part, I really wish they would focus more on testing changes with the ecosystem, but that is my bias as an end-user-testing-focused contributor to open source projects that apparently use some of npm's most obscure (and so least well preserved) features and quirks. It's just that many of their biggest ideas for "breakin' stuff" got expressed into code by the time npm 7.x was done, and so once we get over that hurdle of getting "somewhere past npm 7", npm 8 and 9 should hopefully be relatively somewhat smoother.
Any alternatives?
Alternatives are to stay on an unsupported npm version (npm 6)...
Which I prefer not to do long-term, so why not get out ahead of the (semi-official unofficial) EOL of npm 6?
Other examples:
No response