snpmv2026.1.7

Roadmap

The future of snpm, tracked.

View as MarkdownView source

Roadmap

This page tracks snpm's feature development. We're building a fast, secure, and user-friendly package manager that matches and exceeds pnpm's feature set.

Implemented

Features that are already available in the current version of snpm.

Core CLI

  • Full command suite (install, add, remove, run, init, upgrade, outdated)
  • Production installs (--production flag)
  • Global package support (snpm add -g, snpm list -g)
  • Script execution (run, exec, dlx)
  • Package patching (snpm patch edit/commit/remove/list)
  • Cache management (snpm clean)
  • Configuration display (snpm config)
  • Authentication (snpm login, snpm logout)

Package Resolution

  • Global Store with parallel downloads
  • Lockfile (snpm-lock.yaml) read/write and reuse
  • Semver support (including latest, || ranges, complex expressions)
  • Virtual store layout (.snpm/ directory)
  • Multiple link backends (auto, hardlink, symlink, copy)
  • Configurable hoisting (none, single-version, all)

Workspaces

  • First-class workspace support (snpm-workspace.yaml, pnpm-workspace.yaml)
  • Local package resolution (workspace protocol workspace:*)
  • Single lockfile for the entire workspace
  • Targeted commands (snpm add -w <project>, snpm install -w <project>)
  • Recursive scripts (snpm run build --recursive, --filter)
  • Catalog protocol (snpm-catalog.yaml)

CI/CD & Security

  • Frozen lockfile mode (--frozen-lockfile / --immutable)
  • Minimum version age protection against zero-day attacks
  • Install script blocking with explicit whitelist
  • Registry authentication (Bearer/Basic, scoped registries)

Protocols

  • npm: registry packages
  • file: local filesystem dependencies
  • git: git repository dependencies
  • jsr: JSR registry support
  • catalog: version catalog references

Quality of Life

  • Lazy install on run/exec if deps are stale
  • Verbose logging (--verbose, SNPM_VERBOSE)
  • Overrides support (snpm-overrides.yaml, package.json)
  • Peer dependency handling with configurable strictness

Planned

Upcoming features and improvements.

Performance

  • Smarter reuse of resolution graphs within a workspace
  • Incremental lockfile updates for faster add/remove

Developer Experience

  • snpm why <package> to explain dependency paths
  • snpm prune to remove extraneous packages
  • Interactive upgrade mode

Publishing

  • snpm publish with workspace support
  • snpm pack to create tarballs

Advanced Features

  • Side effects cache for install scripts
  • Pluggable lifecycle hooks

Comparison

How snpm compares to npm, yarn, and pnpm

Troubleshooting

Common issues and how to fix them

On this page

RoadmapImplementedCore CLIPackage ResolutionWorkspacesCI/CD & SecurityProtocolsQuality of LifePlannedPerformanceDeveloper ExperiencePublishingAdvanced Features