- Darcy Clarke (@darcyclarke)
- Nathan Fritz (@fritzy)
- Ruy Adorno (@ruyadorno)
- Jordan Harband (@ljharb)
- Owen Buckley (@thescientist13)
- Housekeeping
- Introduction(s)
- Code of Conduct Acknowledgement
- Outline Intentions & Desired Outcomes
- Announcements
- PR: #525 Stop storing `integrity` for git dependencies - @nlf
- @ruyadorno
- what if we steered users away from git dependencies in general?
- maybe we throw warnings
- maybe we start notifying we're deprecating
- definitely on board with this idea
- @ljharb
- git deps should only be for development
- how do file dependencies behave? we should mimic that experience
- @fritzy
- we should warn when we see transitive dependencies that are gi deps
- @ljharb
- maintainers would have to fork & publish
- deprecation indicates discouragement
- not sure this is a good thing in anyway
- @ruyadorno
- we could do this under a config value to skip git dependencies (ex.
--ignore-git-deps
)
- we could do this under a config value to skip git dependencies (ex.
- @ljharb
- Node has a Policies feature
- npm could/should probably support this
- Package authors' declared policies / capabilities
- PR: #522 Option for npm diff to ignore cr at eol - @oBusk
- @ruyadorno
- we should do whatever
git diff
does/supports - lets follow the naming of the
git
flag - keep open for another week & then ratify
- we should do whatever
- @fritzy
- clarify they are not the author
- should be careful about what hooks we add as features
- WIP RFC
- PR: #519 RFC: Package Distributions - @darcyclarke
- @darcyclarke
- no updates yet but seeing a lot of traction in the community
- @ruyadorno
- are we going to open a diff PR for the "Expanding optional dependencies conditions"?
- this would mean it's easier/faster to get market validation
- Actions:
- @darcyclarke Schedule a working session to review Package Distributions & Optional Dependenyc Conditionals
- Issue: #438 [RRFC] Add libc fields to select optionalDependencies should be installed or skipped - @Brooooooklyn
- @ljharb where are we with staged releases?
- @bnb
npm audit license
work?