#### Meeting from: Wednesday, June 30, 2021, 2:00 PM EST
# Open RFC Meeting (npm)
### Attendees
- Ruy Adorno (@ruyadorno)
- Isaac Z. Schlueter (@isaacs)
- Gar (@wraithgar)
- Luke (@lukekarrys)
### Previous
- https://hackmd.io/eB-9iABaTiSPjsnXmSpVWg
### Agenda
1. **Housekeeping**
1. Introduction(s) (ex. note the name of the call, state the week day & date)
1. [Code of Conduct Acknowledgement](https://www.npmjs.com/policies/conduct)
1. Outline Intentions & Desired Outcomes (ex. want to interact with the community to ensure that there is movement on important issues/ideas for the project)
1. Announcements
1. **Issue**: [#398 [RRFC] Top-level command to manage package.json](https://github.com/npm/rfcs/issues/398) - @ruyadorno
1. **PR**: [#3397 feat(config): add in-range](https://github.com/npm/cli/pull/3397) - @wraithgar
1. **PR**: [#392 RFC: group outdated packages by dependency type](https://github.com/npm/rfcs/pull/392) - @thiagodp
1. **Issue**: [#390 [RRFC] npm publish should fail when the `files` is misconfig in package.json](https://github.com/npm/rfcs/issues/390) - @aladdin-add
1. **PR**: [#343 RFC: npm workspaces: auto switch context based on cwd](https://github.com/npm/rfcs/pull/343) - @ruyadorno
1. **PR**: [#319 feat(multiple-dist-tags): add proposal for multiple dist-tags](https://github.com/npm/rfcs/pull/319) - @wraithgar
1. **PR**: [#182 RFC: npm audit licenses](https://github.com/npm/rfcs/pull/182) - @bnb
1. **Issue**: [#389 [RRFC] Respect platform specific directories for config, data, cache, etc.](https://github.com/npm/rfcs/issues/389) - @natestemen
### Notes
#### **Issue**: [#398 [RRFC] Top-level command to manage package.json](https://github.com/npm/rfcs/issues/398) - @ruyadorno
- Demo `npm pkg` by @ruyadorno
- `npm pgk get` should return the value for a single key or object for multiple keys - @isaacs
- Log a warning when using force with `pkg set` with lost content - @ljharb
- Follow `jq` examples in both view and pkg, starting with npm v8. for now, KISS. - @isaacs
- `--pkg-type` for type casting set values, name to be bikeshed on github - @ruyadorno
#### **PR**: [#3397 feat(config): add in-range](https://github.com/npm/cli/pull/3397) - @wraithgar
- action: remove agenda label, keep draft PR around
#### **PR**: [#392 RFC: group outdated packages by dependency type](https://github.com/npm/rfcs/pull/392) - @thiagodp
- action: remove agenda label, provide feedback to rfc PR
#### **Issue**: [#390 [RRFC] npm publish should fail when the `files` is misconfig in package.json](https://github.com/npm/rfcs/issues/390) - @aladdin-add
- action: say no with clear feedback why. its complicated and guesses user intent
- action: remove from agenda
- can we figure out a heuristic and run it against published packages to see how many would warn? - @ljharb
- can exist in userland
- https://hackmd.io/eB-9iABaTiSPjsnXmSpVWg#Issue-390-RRFC-npm-publish-should-fail-when-the-files-is-misconfig-in-packagejson---aladdin-add
#### **PR**: [#343 RFC: npm workspaces: auto switch context based on cwd](https://github.com/npm/rfcs/pull/343) - @ruyadorno
- Markers could be created on intial reify to avoid perfomance/security footgun
- @ljharb idea: create .npmrc file in all workspace folders pointing back to workspace root
- add `--workspace-root` config value, which is relative path from folder to workspace project root
- on first reify, or `npm init -w <path>`, it'll create the `.npmrc` file in the workspace folder.
- eg, `./packages/foo/.npmrc` would contain `workspace-root=../..`
- this auto-creating behavior could also be opt-out-able
- action: update rfc to do the above
#### **PR**: [#319 feat(multiple-dist-tags): add proposal for multiple dist-tags](https://github.com/npm/rfcs/pull/319) - @wraithgar
- action: remove from agenda
- old versions of npm would silently publish only a single tag
- could use a new config `--dist-tag`?
- if publish isn't atomic with a single PUT and needs to be hacked around, it wouldn't work
#### **PR**: [#182 RFC: npm audit licenses](https://github.com/npm/rfcs/pull/182) - @bnb
- action: remove from agenda, is WIP
#### **Issue**: [#389 [RRFC] Respect platform specific directories for config, data, cache, etc.](https://github.com/npm/rfcs/issues/389) - @natestemen
- @ljharb: strongly suggest dont change the default
- not easy to do without a time machine
- action: say no, its a breaking change for a lot of users
- action: post how to do this with a custom env variable to make npm compatible with XDG
Sign in with Wallet
Connect another wallet