0.10 and 0.12 LTS and npm #64
Comments
+1 for leaving things as they are, and here is why I think that is the best move. If we go back to using the bundled version of npm for v0.10 and v0.12 this will effectively downgrade npm for existing users of those images. This will definitely be more confusing than those who are just switching to one of those images and expecting there to be an older version of npm for those versions.
Yeah, the more I think about it the more I agree. Downgrading npm would be a bad user experience.
The latest 0.12 image will have the latest node as per #69
Closing since we generally agreed that updating npm was the preferred way to go.
One thing we didn't consider is that the previous 0.10 and 0.12 images were never updated to an npm v3.x.x version. They were just updated to the latest v2 release.
Ok, what about leaving npm to the latest v2 version for both 0.10 and 0.12 images?
I'd prefer not to do that and to just stick to what gets distributed with the respective 0.10 release. I'm assuming that npm will be periodically updated during the 0.10 and 0.12 release cycle and we should ship the version of npm that's expected. Also, I'd prefer to keep things consistent with the v5 and v4 releases where we don't touch npm at all. Messing with the npm version seems like a big bag of hurt at this point that I'd rather avoid.
As an aside, I think part of the problem here is that we just didn't know what would break. We need to revisit looking at some kind of automated smoke testing to catch this kind of thing I guess.
I agree with this.
Yes, I agree that we should not mess with the npm versions but this would downgrade npm for existing 0.10 Docker Image users?
Right... So currently for 0.10 we are updating to 2.14.1. We could either:
I think perhaps we should leave it for now then remove the npm update code from the 0.10 Dockerfiles when a 0.10 release ships with an npm v2 version.
Looking at nodejs/Release#37, it seems that 0.10.42 will include npm v2. Most likely the latest that's available at the time. Assuming that still holds, then I propose we leave
Pull request that removes the npm update logic for 0.12: #73
Hey @nodejs/docker I need some sign off of #73 fairly soon. With the security update coming this Friday, I'd like to get this resolved before I update 0.10 and 0.12. Also, for the upcoming 0.10 update, I will not be modifying the npm version in the current Docker file (2.14.1). When a 0.10 release lands with npm v2 (presumably 0.10.42), I will remove the npm update logic for the 0.10 image.
Thanks! And merged!
OK, with #74 landed, 0.10 and 0.12 have been updated to the latest. The 0.10 image has npm set to v2.14.1. I also updated the 4.2 and 5.1 images.
@chorrell is it safe to close this?
Yes!
With the upcoming LTS releases we need to rethink what we've been doing with npm.
For the Node.js 0.10 and 0.12 images we were updating the bundled version of npm to something more current (v3.x). For the LTS releases, I'm not sure if we should still be doing that and instead just stick with the bundled version of npm.
For the v0.10.41 LTS release there will be npm v1.4.29 which will show a deprecation banner every time npm is invoked encouraging people to update to v2.x. The v0.10.42 LTS release will come with npm v2.x. I think we should change the update logic for v0.10.41 LTS so npm is updated to the latest npm v2.x release, then remove it for v0.10.42.
For 0.12, we can remove logic that updates npm from the respective docker files entirely for the upcoming LTS release (I'm assuming 0.12.8?). However, I don't know whether the LTS release of 0.12 will come with npm v2.x or v3.x.
Actually, the more that I think about it maybe we should just leave things as is? From a docker experience, it's probably better to have the latest version of npm with the latest fixes and security patches etc.
Anyway, I wanted to put this out there for broader discussion.
For reference: nodejs/Release#37