This tutorial goes from how to install NPM to manage packages dependencies. While we are doing this, we will use practical examples to drive the concepts home.
Node Package Manager (NPM) is a CLI tool to manage dependencies. It also allows you to publish packages to the NPM website and find new modules.
In this section, we are going to get hands on NPM. We will cover from how to install it to how to download, uninstall and manage packages. While we are doing this we will use practical examples to drive the concepts home.
NPM is bundle into the Node installation. So, if you have Node, then you have NPM already. But, NPM gets updated more often than Node. So, from time to time you need to get the latest version.
You can check the NPM version and install latest by running:
You can also use the shortcut for
npm install like
Node projects and packages use a special file called
package.json. It contains dependencies and more information to run the project. Let’s start by creating that using the
npm init command. We are going to call our project
meanshop2, but call it whatever you want ;)
This set of commands created a new folder called
init command will create
package.json file for us. The
--yes option go with the defaults. Otherwise, it will ask us to fill out every property in package.json.
Feel free to edit any of the properties values, such as author, description. Notice, that version starts with
1.0.0. We are going to talk more about versioning later on this tutorial.
You can download NPM packages using
npm install <package_name>. By default, npm will grap the latest version, but you can also expecify an exact verision.
Let’s install two packages
express as follows:
npm install is going to create a new folder called
node_modules. This is where all the dependencies live.
Notice that for the second package we are specifying the exact version. You can use the
@ symbol and then the version number.
Go to your
package.json and verify that they both are listed as dependencies. You can install all the dependencies by running this command:
NPM will add packages to dependencies if you use the
--save flag. Otherwise
npm won’t include it. To automate the process you can run:
save=true will make that the packages get auto-installed.
save-exact=true will lock the current version and prevent automatic updates and break the project.
To sum up, here are the commands
Usually, you use
--save when you need use package that is not part of the project. For instance, testing libraries, building assets tools, etc.
You can search for all NPM modules on npmjs.com
Sometimes is useful to see the list of packages that you have installed on your system. You can do that with the following commands:
You can use
--depth=0 to prevent listing the dependencies’ dependencies.
Semantic Versioning (SemVer) is versioning convention composed of three numbers:
Major.Minor.Patch or also
- Major releases: breaking changes. Major changes that change (breaks) how the API worked before. For instance, removed functions.
- Minor releases: new features. Changes that keeps the API working as before and adds new functionality.
- Patch releases: bug fixes. Patches doesn’t add functionality nor removes/changes functionality. It’s scope only to bug fixes.
You can specify on the
package.json how packages can be updated. You can use
~ for updating patches.
^ for upgrading minor releases and
* for major releases.
- Patch releases:
- Minor releases:
- Major releases:
As you could imagine, not all developers respect the Semantic Version rules. Try to follow the rules yourself, but don’t trust that all will do. You can have your project working well with a
1.0.8 version and all in a sudden it breaks with
1.0.9. It happened to me before, so I prefer to use:
--save-exact, when makes sense.
You can uninstall NPM packages using the following commands:
NPM is a powerful tool. It helps us to create Node projects/modules, manage its dependencies and much more. In this section, we covered the main commands that you would most often.
Furthermore, we cover SemVer. It is used in many systems (Ruby Gems, etc.) not just in the Node community. SemVer is three-part number versioning system: Major.Minor.Patch. You can also think as Breaking.Feature.Patch.