SIGN CONTACT

N|Solid Services Solutions Resources Company IN

〉 US

〉
The NodeSource Blog Search

N E XT P O ST
You have reached the beginning of time!
Choosing the Right Node.js
〉
Package Manager in 2024: A
Comparative Guide

A L L P O STS / H O W TO F E AT U R E D
ARTICLES

Choosing the Right

An Absolute Beginner's
Node.js Package
Manager in 2024: A
Comparative Guide

Guide to Using npm

In Product on Feb 29 2024

Node.js 2023 Year in

Review
In Community on Feb 22
by: Tierney Cyren in How To on Feb 17 2017 2024

Join our Partner

npm Node.js Packages Program!
In Product on Dec 18 2023

SHARE


C AT E G O R I E S

Community

How To

Node.js
Using npm effectively is a cornerstone of modern web development,
NodeSource
no matter if it's exclusively with Node.js, as a package manager or
Product
build tool for the front-end, or even as a piece of workflows in other
languages and on other platforms.

Really understanding npm as a tool, understanding the core concepts,

can be something that's difficult for a beginner - I spent many hours
just trying to figure out small details that would seem minor or be
taken for granted by others.

As such, I've written up a basic and detailed guide for understanding

npm, for those who are entirely new to Node.js, npm, and the
surrounding ecosystem.

An Absolute Beginner's Guide to

package.json
As a general rule, any project that's using Node.js will need to have a
package.json file. What is a package.json file?

At its simplest, a package.json file can be described as a manifest of

your project that includes the packages and applications it depends
on, information about its unique source control, and specific metadata
like the project's name, description, and author.

Let's break down the core parts of a typical package.json file:

Specific Metadata: name, version, description,

license, and keywords

Inside a package.json, you'll almost always find metadata specific to

the project - no matter if it's a web application, Node.js module, or
even just a plain JavaScirpt library. This metadata helps identify the
project and acts as a baseline for users and contributors to get
information about the project.

Here's an example of how these fields would look in a package.json

file:

{
"name": "metaverse", // The name of your project
"version": "0.92.12", // The version of your project
"description": "The Metaverse virtual reality. The final
outcome of all virtual worlds, augmented reality, and the
Internet.", // The description of your project
"main": "index.js"
"license": "MIT" // The license of your project
}

A package.json file is always structured in the JSON format, which

allows it to be easily read as metadata and parsed by machines.

If needing to format a package.json file manually to get your project

up and running seems a bit daunting, there's a handy command that
will automatically generate a base package.json file for you - if you'd
like to learn how to use it, take a peek at the npm init instructions
below!

Understanding and Managing Your Project's

Dependencies: dependencies and
devDepenendcies in your package.json
The other majorly important aspect of a package.json is that it
contains a collection of any given project's dependencies. These
dependencies are the modules that the project relies on to function
properly.
Having dependencies in your project's package.json allows the
project to install the versions of the modules it depends on. By running
an install command (see the instructions for npm install below)
inside of a project, you can install all of the dependencies that are
listed in the project's package.json - meaning they don't have to be
(and almost never should be) bundled with the project itself.

Second, it allows the separation of dependencies that are needed for

production and dependencies that are needed for development. In
production, you're likely not going to need a tool to watch your CSS
files for changes and refresh the app when they change. But in both
production and development, you'll want to have the modules that
enable what you're trying to accomplish with your project - things like
your web framework, API tools, and code utilities.

What would a project's package.json look like with dependencies

and devDependencies ? Let's expand on the previous example of a
package.json to include some.

{
"name": "metaverse",
"version": "0.92.12",
"description": "The Metaverse virtual reality. The final
outcome of all virtual worlds, augmented reality, and the
Internet.",
"main": "index.js"
"license": "MIT",
"devDependencies": {
"mocha": "~3.1",
"native-hello-world": "^1.0.0",
"should": "~3.3",
"sinon": "~1.9"
},
"dependencies": {
"fill-keys": "^1.0.2",
"module-not-found-error": "^1.0.0",
"resolve": "~1.1.7"
 }
}

One key difference between the dependencies and the other common
parts of a package.json is that they're both objects, with multiple
key/value pairs. Every key in both dependencies and
devDependencies is a name of a package, and every value is the
version range that's acceptable to install (according to Semantic
Versioning - to learn more about Semantic Versioning, also known as
semver, check out our primer on semver).

Can't get enough npm? Download our complete guide:

R E A D N O W : T H E U LT I M AT E G U I D E TO N P M 〉

The Essential npm Commands

When using npm, you're most likely going to be using the command
line tool for the majority of your interactions. As such, here's a detailed
rundown of the commands that you'll encounter and need to use most
frequently.

Using npm init to Initialize a

Project
The npm init command is a step-by-step tool to scaffold out your
project. It will prompt you for input for a few aspects of the project in
the following order:
 The project's name,

The project's initial version,

The project's description,

The project's entry point (meaning the project's main file),

The project's test command (to trigger testing with something like
Standard)

The project's git repository (where the project source can be found)

The project's keywords (basically, tags related to the project)

The project's license (this defaults to ISC - most open-source

Node.js projects are MIT)

It's worth noting that if you're content with the suggestion that the npm
init command provides next to the prompt, you can simply hit
Return or Enter to accept the suggestion and move on to the next
prompt.

Once you run through the npm init steps above, a package.json file
will be generated and placed in the current directory. If you run it in a
directory that's not exclusively for your project, don't worry!
Generating a package.json doesn't really do anything, other than
create a package.json file. You can either move the package.json
file to a directory that's dedicated to your project, or you can create an
entirely new one in such a directory.

H O W TO U S E NPM INIT :

npm init # This will trigger the initialization

Using npm init --yes to Instantly Initialize a
Project

If you want to get on to building your project, and don't want to spend
the (albeit brief) time answering the prompts that come from npm
init , you can use the --yes flag on the npm init command to
automatically populate all options with the default npm init values.

“
Note: You can configure what these default values are with the npm
configuration - that's a more advanced topic, and outside the scope
of this beginner's guide to npm.

That said, if you're interested in setting that up, you can learn how
to set these defaults in the eleventh tip of our npm tricks article.
”

USAGE:

npm init --yes # This will trigger automatically populated

initialization.

Install Modules with npm

install
Installing modules from npm is one of the most basic things you
should learn to do when getting started with npm. As you dive deeper,
you'll begin to learn some variations on installing modules, but here's
the very core of what you need to know to install a standalone module
into the current directory:
 npm install <module>

In the above command, you'd replace <module> with the name of the
module you want to install. For example, if you want to install Express
(the most used and most well known Node.js web framework), you
could run the following command:

npm install express

The above command will install the express module into

/node_modules in the current directory. Whenever you install a
module from npm, it will be installed into the node_modules folder.

In addition to triggering an install of a single module, you can actually

trigger the installation of all modules that are listed as dependencies
and devDependencies in the package.json in the current directory.
To do so, you'll simply need to run the command itself:

npm install

Once you run this, npm will begin the installation process of all of the
current project's dependencies.

As an aside, one thing to note is that there's an alias for npm install
that you may see in the wild when working with modules from the
ecosystem. The alias is npm i , where i takes the place of install .

This seemingly minor alias is a small gotcha for beginners - including

myself, several times when I was learning - to the Node.js and npm
ecosystems, as there's not a standardized, single way that module
creators and maintainers will instruct on how to install their module.
USAGE:

npm install <module> # Where <module> is the name of the

module you want to install
npm i <module> # Where <module> is the name of the module
you want to install - using the i alias for installation

Install modules and save them to your

package.json as a dependency
As with npm init , the npm install command has a flag or two that
you'll find useful in your workflow - it'll save you time and effort with
regard to your project's package.json file.

When you're running npm install to install a module, you can add
the optional flag --save to the command. This flag will add the
module as a dependency of your project to the project's
package.json as an entry in dependencies .

USAGE:

npm install <module> --save # Where <module> is the name

of the module you want to install

Install Modules and Save Them to Your

package.json as a Developer dependency
There's a flag that is nearly an exact duplicate, in terms of functionality,
of the --save flag when installing a module: --save-dev . There are a
few a key differences between the two - instead of saving the module
being installed and added to package.json as an entry in
dependencies , it will save it as an entry in the devDependencies .

The semantic difference here is that dependencies are for use in

production - whatever that would entail for your project. On the other
hand, devDependencies are a collection of the dependencies that are
used in development of your application - the modules that you use to
build it, but don't need to use when it's running. This could include
things like testing tools, a local server to speed up your development,
and more.

USAGE:

npm install <module> --save-dev # Where <module> is the

name of the module you want to install

Install Modules Globally on your System

The final, and most common, flag for npm install that you should
are the flags to install a module globally on your system.

Global modules can be extremely useful - there are tons tools, utilities,
and more for both development and general usage that you can install
globally to use.

To install a module from npm globally, you'll simply need to use the --
global flag when running the install command to have the module
install globally, rather than locally (to the current directory).

“
Note: One caveat with global modules is that, by default, npm will
install them to a system directory, not a local one. With this as the
 default, you'll need to authenticate as a privileged user on your
system to install global modules.

As a best practice, you should change the default installation

location from a system directory to a user directory. If you'd like to
learn to do this, take a peek at the seventh tip in our npm tricks
article!
”

USAGE:

npm install <module> --global # Where <module> is the name

of the module you want to install globally
npm install <module> -g # Where <module> is the name of
the module you want to install globally, using the -g
alias

Want to keep going?

If you want to keep learning about npm and all its facets, I've got a few
awesome things for you. A bit ago, we shared a few npm tricks to
knock your wombat socks off. Even better, we wrote a follow-up with
even more npm tricks! This beginner's guide is a great springboard to
get off the ground, and both of those will help you start optimizing
your work with npm! If you'd like to go even further with npm and start
deploying Node.js apps and npm modules into production, you should
definitely take a look at NodeSource Certified Modules - it's an
awesome tool that'll compliment your newly acquired npm skills!
The NodeSource platform offers a high-definition view of
the performance, security and behavior of Node.js
applications and functions.

STA R T F O R F R E E

  
© 2024 NodeSource
W H AT W E D O S O LU T I O N S LEARN CO M PA N Y

N|Solid Microservices Blog Contact Us

Product Pricing High Traffic Resources About NodeSource
NodeSource Services Legacy Applications Support Portal Press
Internet of Things Documentation Legal
Privacy Policy