Skip to main content

NPM

npm is the standard for installing global executable tools, while yarn is the standard for managing your project's dependencies.

NPM Setup​

PATH setup for NPM export PATH="/usr/bin:$PATH"

export PATH="/home/your-username/.npm-global/bin:\$PATH" # Add npm bin PATH

Verify​

which npm

npm root -g

List Global Packages​

npm list --g

Updating npm dependencies​

Find out the packages that need to be updated​

npm outdated
npm outdated -g --depth=0

Update local packages according to package.json​

npm update

Upgrade packages manually​

npm update [-g] [<pkg>...]
npm install --save[-dev] <package_name>@latest

Alternatively, you can use npm-check to perform an interactive upgrade:

npm-check -u --skip-unused

Locking package versions​

Starting from npm@5 a new package-lock.json file is automatically generated when using npm install commands, to ensure a reproducible dependency tree and avoid unwanted package updates.

If you use a previous npm version, it is recommended to use npm shrinkwrap to lock down all your dependencies version:

npm shrinkwrap --dev

This will create a file npm-shrinkwrap.json alongside your package.json files.

Do not forget to run shrinkwrap each time you manually update your dependencies!

aliases: up, upgrade

Setup​

Proxy Variables​

In technology, a proxy refers to an intermediary server that acts as a gateway between a user's device and the internet. It routes internet requests through itself, masking the user's IP address and enhancing online privacy. When a user sends a request, the proxy server processes it, forwards it to the destination server, and then sends the response back to the user. This functionality is commonly used for various purposes, including improving security, managing traffic, and accessing restricted content.

npm config ls -l | grep config

initialize new project​

  • Create an empty directory and initialize it as npm using npm init.
  • It will ask you to construct your package.json file.
  • If you feel lazy like me to hit enter many times, then go with shorthand script npm init --yes.

License Question​

  • ISC is default

if you do not wish to grant others the right to use a private or unpublished package under any terms:

{ "license": "UNLICENSED" }

Consider also setting "private": true to prevent accidental publication.

npm install​

-S or --save if you need the package for the application to run -D or --save-dev if it's for testing

NPX​

  • Executing one-off commands
  • Run commands with different Node.js versions

your customizable NPM profile​

img

npm Dependencies​

  1. Dev vs Prod: Your app needs Dev dependencies to build and test, and Prod dependencies to run.
  2. Direct vs Indirect: Your app only explicitly requires Direct dependencies, but your quality, legal and security reviews should cover the (larger number of) Indirect dependencies as well.
  3. Package vs Version: Your deployed app is impacted by the specific Version of each dependency, but your project relies on each dependent Package to keep working.
  4. Logical vs Disk: The Logical tree of dependencies in your app can change substantially when installed on Disk, be sure to versions that were actually installed.
  5. Path vs Unique: When counting your dependencies, be sure to separate the number of unique dependencies from dependency paths, to properly estimate the size of a task or problem.

Loading from node_modules Folders​

Loading from node_modules Folders#​

If the module identifier passed to require() is not a core module, and does not begin with '/', '../', or './', then Node.js starts at the parent directory of the current module, and adds /node_modules, and attempts to load the module from that location. Node.js will not append node_modules to a path already ending in node_modules.

If it is not found there, then it moves to the parent directory, and so on, until the root of the file system is reached.

For example, if the file at '/home/ry/projects/foo.js' called require('bar.js'), then Node.js would look in the following locations, in this order:

  • /home/ry/projects/node_modules/bar.js
  • /home/ry/node_modules/bar.js
  • /home/node_modules/bar.js
  • /node_modules/bar.js

This allows programs to localize their dependencies, so that they do not clash.

It is possible to require specific files or sub modules distributed with a module by including a path suffix after the module name. For instance require('example-module/path/to/file') would resolve path/to/file relative to where example-module is located. The suffixed path follows the same module resolution semantics.