Appearance
npm Package Manager
Comprehensive npm (Node Package Manager) commands and workflows for JavaScript and Node.js development.
Installation & Setup
Install Node.js and npm
bash
# Using Node Version Manager (recommended)
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
nvm install node
nvm use node
# Direct download from nodejs.org
# Or using package managers:
# macOS: brew install node
# Ubuntu: sudo apt install nodejs npm
# Windows: choco install nodejsBasic Package Operations
| Command | Description |
|---|---|
npm install package_name | Install package locally |
npm install -g package_name | Install package globally |
npm uninstall package_name | Uninstall package |
npm update | Update all packages |
npm update package_name | Update specific package |
npm list | List installed packages |
npm list -g | List global packages |
Project Management
Project Initialization
| Command | Description |
|---|---|
npm init | Initialize new project |
npm init -y | Initialize with defaults |
npm init @scope | Initialize with scoped template |
npm create package_name | Create project with template |
Dependency Management
| Command | Description |
|---|---|
npm install | Install all dependencies |
npm install --save package | Install and save to dependencies |
npm install --save-dev package | Install and save to devDependencies |
npm install --save-optional package | Install as optional dependency |
npm install --no-save package | Install without saving |
Package Information
| Command | Description |
|---|---|
npm search keyword | Search for packages |
npm info package_name | Show package information |
npm view package_name | View package details |
npm outdated | Show outdated packages |
npm audit | Check for vulnerabilities |
npm audit fix | Fix vulnerabilities |
Scripts and Execution
Script Management
| Command | Description |
|---|---|
npm run script_name | Run custom script |
npm start | Run start script |
npm test | Run test script |
npm run build | Run build script |
npm run dev | Run development script |
Example package.json Scripts
json
{
"scripts": {
"start": "node server.js",
"dev": "nodemon server.js",
"build": "webpack --mode production",
"test": "jest",
"lint": "eslint src/",
"format": "prettier --write src/"
}
}Version Management
Semantic Versioning
| Command | Description |
|---|---|
npm version patch | Increment patch version |
npm version minor | Increment minor version |
npm version major | Increment major version |
npm version prerelease | Create prerelease version |
Package Installation by Version
| Command | Description |
|---|---|
npm install package@1.2.3 | Install specific version |
npm install package@latest | Install latest version |
npm install package@next | Install next/beta version |
npm install package@^1.2.0 | Install compatible version |
Configuration
npm Configuration
| Command | Description |
|---|---|
npm config list | Show configuration |
npm config get key | Get configuration value |
npm config set key value | Set configuration value |
npm config delete key | Delete configuration |
Common Configuration
| Setting | Description |
|---|---|
npm config set registry https://registry.npmjs.org/ | Set registry |
npm config set init-author-name "Your Name" | Set default author |
npm config set init-license "MIT" | Set default license |
npm config set save-exact true | Save exact versions |
.npmrc File
ini
# Project .npmrc
registry=https://registry.npmjs.org/
save-exact=true
engine-strict=true
fund=false
audit-level=moderate
# Global .npmrc (~/.npmrc)
init-author-name=Your Name
init-author-email=your.email@example.com
init-license=MITPublishing
Package Publishing
| Command | Description |
|---|---|
npm login | Login to npm registry |
npm whoami | Check logged in user |
npm publish | Publish package |
npm publish --access public | Publish scoped package publicly |
npm unpublish package@version | Unpublish specific version |
Publishing Workflow
bash
# 1. Update version
npm version patch
# 2. Build package
npm run build
# 3. Test package
npm test
# 4. Publish
npm publish
# 5. Tag release
git tag v1.0.0
git push origin v1.0.0Advanced Usage
Workspaces (npm 7+)
json
{
"name": "my-monorepo",
"workspaces": [
"packages/*",
"apps/*"
]
}| Command | Description |
|---|---|
npm install --workspaces | Install all workspace dependencies |
npm run test --workspaces | Run tests in all workspaces |
npm run build --workspace=package-a | Run command in specific workspace |
Package Linking
| Command | Description |
|---|---|
npm link | Create global link |
npm link package_name | Link to global package |
npm unlink package_name | Unlink package |
Cache Management
| Command | Description |
|---|---|
npm cache verify | Verify cache integrity |
npm cache clean --force | Clear cache |
npm cache ls | List cached packages |
Security
Security Auditing
| Command | Description |
|---|---|
npm audit | Check for vulnerabilities |
npm audit --audit-level high | Check high severity only |
npm audit fix | Fix vulnerabilities automatically |
npm audit fix --force | Force fix (may break changes) |
Package Verification
| Command | Description |
|---|---|
npm pack | Create tarball |
npm pack --dry-run | Show what would be packed |
npm install package.tgz | Install from tarball |
Performance Optimization
Faster Installation
bash
# Use npm ci for CI/CD
npm ci
# Parallel installation
npm install --prefer-offline
# Skip optional dependencies
npm install --no-optional
# Production only
npm install --productionAlternative Package Managers
| Manager | Installation | Benefits |
|---|---|---|
| Yarn | npm install -g yarn | Faster, deterministic |
| pnpm | npm install -g pnpm | Disk space efficient |
| Bun | curl -fsSL https://bun.sh/install | bash | Extremely fast |
Troubleshooting
Common Issues
| Problem | Solution |
|---|---|
| Permission errors | Use nvm or fix permissions |
| Package conflicts | Delete node_modules and reinstall |
| Outdated npm | npm install -g npm@latest |
| Registry issues | npm config set registry https://registry.npmjs.org/ |
Debugging
| Command | Description |
|---|---|
npm doctor | Check npm environment |
npm ls | Check dependency tree |
npm ls --depth=0 | Show top-level dependencies |
npm why package_name | Show why package is installed |
Reset and Clean Install
bash
# Clean install
rm -rf node_modules package-lock.json
npm install
# Clear npm cache
npm cache clean --force
# Reset npm configuration
npm config editBest Practices
Package.json Management
json
{
"name": "my-project",
"version": "1.0.0",
"description": "Project description",
"main": "index.js",
"engines": {
"node": ">=16.0.0",
"npm": ">=8.0.0"
},
"dependencies": {
"express": "^4.18.0"
},
"devDependencies": {
"jest": "^29.0.0",
"eslint": "^8.0.0"
},
"peerDependencies": {
"react": ">=16.0.0"
}
}Development Workflow
- Version Pinning: Use exact versions for critical dependencies
- Lock Files: Commit package-lock.json to version control
- Security: Regular security audits with
npm audit - Testing: Test before publishing with
npm pack - Documentation: Maintain comprehensive README
Performance
- CI/CD: Use
npm ciin continuous integration - Caching: Leverage npm cache in CI environments
- Selective Installation: Use
--productionfor production builds - Alternative Managers: Consider yarn or pnpm for large projects
- Registry: Use private registry for internal packages