Your comment does not explain why you think that the package management story is better in npm, it's merely like saying "node-gyp is a pile of debt" and not going into details, but I can surely tell I have no idea why node_modules ends up so fat and why my npm install eats a lot of bandwidth, time and disk space ... is npm trying to workaround incompatibilities by installing different versions of a same package in the same node_modules ? I hope not, because that would be just perfect to accumulate debt in the whole ecosystem. Not to mention that I was just handed a frontend source code where building the source requires node-gyp which requires g++ and python2 :)

Quick question since you seem to know npm very well, is there a better solution than this to automate npm package publishing nowadays ?

sed -i "s/GIT_TAG/${CI_COMMIT_REF_NAME/v/}/" package.json

(I don't have this issue with Python's setupmeta)