Epic: Linked Install Strategy

[darcyclarke]

Summary

npm should be competitive in terms of performance & security as a package manager. Learning from the ecosystem, we can take some of the best ideas introduced by tools, such as pnpm, & bring them back into the core experience via configuration (ex. new reification modes).

Exit Criteria

• create RFC for shared vs. isolated dependencies
• implement RFC #42
• standardize reification modes (ex. --global-style & --legacy-bundling)
• write test cases
• document feature-set
• provide benchmarks
• Reify store links #620
• Outlook o365 build with npm gap analysis #621

[darcyclarke]

Update

• @VincentBailly landed RFC
• @VincentBailly completed initial POC
• @fritzy & @VincentBailly collaborated & completed mapping out phased approach to this work
• @VincentBailly is adding test coverage to help define implementation
• @fritzy is working on platform-level changes to make these changes easier to support/maintain long-term

[fernandopasik]

create RFC for shared vs. isolated dependencies|

Is the first point the RFC that was already approved or we are missing a different one? The link points to this same github issue

[fritzy]

TODOS:

• fix MacOS compatibility
• check OS portability
• check pack behavior
• check updated behavior
• fix performance (caching?) cache-only benchmark performance

[darcyclarke]

Update (Oct 31st)

• this work was put on hold as we queued up the v9.0.0 release
• this work is now getting picked up again & should land this quarter
• there is a corresponding open PR with the work at 80-90% completion here: feat: added linked install strategy cli#5492

[darcyclarke]

Trending

🟡 at risk

Update (Nov 8th)

• @fritzy is OOO this week but will pick up this work when he's back
  • ref. feat: added linked install strategy cli#5492
• Competing work (ex. Package Security & build provenance) & significant PTO/STO/OOO (Thanksgiving, Winter Holidays, Vacation etc.) is likely to imped our team's ability - at this point - to properly review & support @fritzy to ship this before end of quarter
• Flagging this as "at risk" of shipping based on the above

[darcyclarke]

Trending

🟡 at risk

Update (Nov 22nd)

• @fritzy continues to make progress cleaning up the open PR & resolving bugs
• Status of the work remains at risk to finish this quarter given the previous outlined competing priorities & significant OOO
• @darcyclarke will opening a release issue this week to coordinate this work
• @darcyclarke / @fritzy to begin drafting a blog post (will engage partners for help there)

[fritzy]

Trending

🟡 at risk

Update (Dec 5th)

• Work continues on the PR
• Work started on a release blog post
• start npm CLI team review of PR
• engage with MS o365 contacts to test on their monorepos
• write blog post

Risks

• PTO/OOO time in December for team and contacts
• Recent departure of team lead, coordination more difficult

[fritzy]

Trending

🟡 at risk

Update (Dec 12th)

• Existing PR updated
• Potential initial release this week
• engage with MS o365 contacts on migrating monorepos
• write release blog post

Risks

• PTO/OOO time in December for team and contacts

[fritzy]

Trending

🟡 at risk / late

Target Date: 18th-Jan-2023

Update (Jan 4th)

• Existing PR updated
• Testing
• engage with MS o365 contacts on migrating monorepos
• write release blog post

[fritzy]

Trending

🟡 at risk / late

Target Date: 18th-Jan-2023

Update (Jan 10th)

• experiment last week with approach that had less edge cases
• implement lessons learned from last week
• release Jan 18th
• engage with MS o365 contacts on migrating monorepos (today)
• write release blog post

[saquibkhan]

@fritzy As planned are we good for the soft release today?

[fritzy]

Trending

🟡 at risk / late

Target Date: 25th-Jan-2023

Update (Jan 18th)

• implement lessons learned from last week (new branch is ready for team review)
• release Jan 25th (pushed back due to personal illness)
• engaged with MS o365 contacts on migrating monorepos (today)
• write release blog post (after soft release and feedback)

[fritzy]

@saquibkhan I reached out today to Jonathan Creamer at MS to try the new branch (https://github.com/npm/cli/tree/fritzy/linked-install3). My unexpected illness means that the team didn't get a chance to review this new branch, so that's the next step so that we can roll it into the next release.

[fritzy]

Trending

🟢 Launched

Target Date: 25th-Jan-2023

Worked through bugs and feedback for soft-launch. Now working more with Microsoft to test on their repos, and a blog post to announce.

Update (Jan 25th)

• released v9.4.0 npm install --install-strategy=linked
• write release blog post (after soft release and feedback)

[raiyanalam]

Closing this issue. Next developments in this area will be tracked here: #639
cc: @saquibkhan