Node.js 6.0 has been released, becoming the new current version. It comes with performance improvements, better test and documentation coverage, better security and wide support for ES2015.
Npm has issued an updated policy on what happens when a user wants to remove one of their packages from the publishing system.
The NPM project has formally acknowledged a long-standing security vulnerability in which it is possible for malicious packages to run arbitrary code on developer's systems, leading to the first NPM created worm. With the recent problems with NPM, is it safe to use any more? InfoQ investigates.
According to Isaac Z. Schlueter, the creator of npm, two days ago the npm registry started to report hundreds of failed builds per minute. Users worldwide could not install or build certain Node.js packages. Thousands of dependent packages were broken including Babel, Atom, Ember, React Native and many other packages depending on line-numbers. What happened?
Lodash 4.0.0 has been released. This new version adds a new, smaller core library and includes plenty of new features and breaking changes. Support for IE 6-8 has been dropped and the library is no longer available on Bower.
The Node.js Foundation have released Argon, the first Node.js release covered under the Long Term Support plan.
The beta of npm 3.0 has been released, with an almost complete rewrite of its installer bringing good news for running Node.js on Windows. Announcing the release, Rebecca Turner said the npm team were "delighted and proud" to be getting the 3.0 beta out, and that they were "looking forward to working with the npm user community to get it production-ready as quickly as possible."
Members of the AngularJS and React.js teams got together last week to discuss what they've been working on and areas where they can collaborate. While there are a lot of similarities between the projects, there is virtually no chance they will ever merge.
NPM has released the SemVer calculator, a tool to help developers determine if a SemVer selector string matches the correct versions.
Node.js standard package manager, npm, has reached version 2.0. Among npm's new features, scoped packages promise to make it easier to manage private Node.js modules, just as if they were part of the public repository. The new version also marks the introduction of a new release process and offers improved reliability.
The latest jQuery can be obtained from npm and Bower, has some performance improvements and bug fixes.
Shortly after Google announced their Mobile Backend Starter for Android applications, Microsoft has announced the extension of their Azure mobile services adding support for Custom APIs, Git, NPM, Android Push Notifications, and a free SQL DB.
The Meteor Development Group released Meteor 0.6.0 on April 4th as a major overhaul to its package management system as well as growing NPM package support.
Since its 1.0 release last month, the Node Package Manager has had a number of point revisions and is being increasingly used to manage Node.js runtimes.