dfpm

dfpm

A developer friendly JavaScript package manager.

Goals:

• Developer productivity with existing JavaScript ecosystem and tooling
• The best performance achievable with Node.js
• Good explanation of package manager behavior - why the dependency is placed here or there during installation, what factors contributed to this decision and what to do to make the dependency singular for the project
• Fine-grained control of package manager behavior for various types of workflows
• Experimental features that has good compatibility with current JavaScript ecosystem

Implemented experimental features:

• Reproducible installs without "fat" lockfiles. lockTime field is used instead in the package.json file to fixate the time of install. On subsequent installs the highest dependency versions are picked that were published before lockTime. When new dependencies added to the project that were published after lockTime their ranges are resolved to the minimal satisfying version (typically the ranges of newly added dependencies are the latest at the moment when they are added to the package.json).

Usage:

1. Install dfpm globally first:

npm i -g dfpm

1. Run installation within your Node.js project directory:

dfpm

1. Run script foo from package.json:

dfpm foo

1. Add/remove packages to your project:

dfpm add lodash

1. Get command line help:

dfpm -h