Cli Alternatives

cli reviews and mentions

• NPM packages from RedHat have been compromised
  11 projects | news.ycombinator.com | 1 Jun 2026

  They have taken action as of very recently. The latest version [1] of npm warns when there are install scripts and tells you they will be disabled by default in a future version, with a per-dependency opt in mechanism [2].

  [1] https://github.com/npm/cli/releases/tag/v11.16.0

  [2] https://github.com/npm/rfcs/pull/868

• NPM introduces allowScripts opt-in install-script policy
  1 project | news.ycombinator.com | 29 May 2026
• Maybe you shouldn't install new software for a bit
  4 projects | news.ycombinator.com | 7 May 2026
• The NPM CLI has 65 production dependencies from the NPM registry
  1 project | news.ycombinator.com | 30 Apr 2026
• This specific GitHub issue is crashing
  1 project | news.ycombinator.com | 31 Mar 2026
• Axios Compromised on NPM – Malicious Versions Drop Remote Access Trojan
  14 projects | news.ycombinator.com | 30 Mar 2026

  Pnpm did this first but I’m glad to see all the others follow suit

  For anyone wondering, you need to be on npm >= 11.10.0 in order to use it. It just became available Feb 11 2026

  https://github.com/npm/cli/releases/tag/v11.10.0

• Meeting you where you are at: Gemini CLI on AWS CloudShell
  2 projects | dev.to | 4 Mar 2026

  npm warn deprecated prebuild-install@7.1.3: No longer maintained. Please contact the author of the relevant native addon; alternatives are available. npm warn deprecated node-domexception@1.0.0: Use your platform's native DOMException instead npm warn deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me added 624 packages in 37s 175 packages are looking for funding run `npm fund` for details npm notice npm notice New major version of npm available! 10.8.2 -> 11.11.0 npm notice Changelog: https://github.com/npm/cli/releases/tag/v11.11.0 npm notice To update run: npm install -g npm@11.11.0 npm notice ~ $

• NVM Install Guide - Node Version Manager
  1 project | dev.to | 28 Dec 2025

  nvm npm_mirror [url]: Sets npm mirror. Default is https://github.com/npm/cli/archive/. If url is not specified, the default url is used. After setting, you can check in the settings.txt file in the installation directory, or modify it directly in that file.

• Show HN: Safe-NPM – safely install well baked NPM packages
  2 projects | news.ycombinator.com | 23 Nov 2025

  I recently learned that this is a feature in npm as well: the `--before` flag to `npm install`. It was harder than it should've been to figure that out; it really needs to be better marketed.

  Related to that is the proposal for `stabilityDays`, which seems way more practical: https://github.com/npm/cli/issues/8570#issuecomment-33004136.... So instead of saying "I only want package versions more than N days old", you'd be saying that "...and also they should have gone at least N days without a subsequent patch release". e.g. if mylib@6.0.0 is released, only to be quickly followed by v6.0.1 and v6.0.2, you ideally wouldn't want to risk installing the probably-broken 6.0.0 or 6.0.1 based on luck of the draw; the better behavior would be to install the previous 5.x release until 6.0.2 has aged past the threshold.

• Data package
  3 projects | dev.to | 1 Nov 2025

  npm Repository Yarn Repository pnpm Repository

• A note from our sponsor - SaaSHub
  www.saashub.com | 16 Jun 2026

  SaaSHub helps you find the best software and product alternatives Learn more →