In my previous article on node.js modules, we discussed third-party modules or packages. This article will focus on the effective management of these modules by utilizing Node.js Package Manager (npm). By the end of this article, you will have the knowledge needed to manage your Node.js modules like a pro.
Packages 🧐
A Package is a file or directory that is described by a package.json
. A Module is any file or directory in the node_modules
directory that can be loaded by the Node.js require()
function.
Don't worry we would get into explaining
package.json
andnode_modules
later on. You can check out my previous article to understand therequire()
function.
In Node.js, a Package is a collection of modules that can be installed, updated, and uninstalled using a Package Manager. These Modules are individual pieces of code that perform a specific task or provide a particular feature. These packages can be either built-in or third-party, and they are used to add functionality to Node.js applications.
Package Manager
A Package Manager is a tool that allows developers to easily manage and install packages.
Some package managers in node.Js include; npm, yarn and pnpm
The most commonly used package manager in Node.js is the Node.js Package Manager (npm).
Node.Js Package Manager(NPM)
NPM allows developers to install, update, and remove packages from their projects. With npm, developers can install packages globally, making them available to all their Node.js projects, or locally, making them specific to a particular project.
Some features of npm;
Package installation and management: NPM allows developers to easily install and manage packages in their Node.js projects.
Version management: NPM allows developers to easily manage the versions of packages they are using, ensuring compatibility and security.
Package publishing: NPM allows developers to easily publish their packages to the npm registry, making them available for others to use. (which is out of the scope of this article)
NPM COMMANDS
npm install
: If a project has apackage.json
file with dependencies listed in it, this command will install all dependencies in thepackage.json
file, into thenode_modules
folder the folder will be created if it is not existing already.npm install package_name
: Installs a single package.npm install package1 package2 .... packageN
: Installs multiple packages, in this case installing N number of packages.npm update
: Updates all packages to the latest version.npm update package_name
: Updates the version of a single package.npm outdated
: Shows outdated packages that need to be updated.npm init
: Creates a newpackage.json
file in the current directory.npm search
: Searches the npm registry for packages.npm audit
: Checks for security vulnerabilities in installed packages.npm list
: Lists all installed packages and their dependencies.
Package Installation
Packages can be installed globally or locally.
Global Package Installation
Installing a package globally makes that package available to all your Node.js projects on your system and allows you to use the code in the package as a set of tools on your local computer.
Global Package Installation in Node.js can be done using the -g
flag.
To download and install packages globally, on the command line, run the following command:
npm install -g package_name
Note: You can run the commands above from any location on your system.
Local Package Installation
Installing a package locally ensures that the package is only available to a specific project or project directory. This is useful when you are working on multiple projects with different dependencies. It also allows you to manage dependencies for each project separately.
To install packages locally navigate to the root directory of your application and run the following command in the terminal:
npm install package-name
Another way of installing locally is using the --save
flag,
npm install package_name --save
Alternatively, if the package to be installed is for testing or development purposes it is best to use the --save-dev
flag:
npm install package_name --save-dev
The --save-dev
is a flag used to save the package as a development dependency (dev dependency) in the package.json
file. Development dependencies are packages that are only required during the development of the project, such as testing frameworks or build tools and are not needed when the project is running in production. The --save-dev
flag helps to separate dependencies based on their usage and ensures that only required packages are installed in production environments, reducing the overall package size and improving performance. Examples of dev dependencies are mocha, gulp, nodemon
and so on.
The commands above will cause NPM to download three items into your project's root directory: a node_modules
folder, a package.json
file, and a package-lock.json
file. We will discuss these items in detail later on in this article.
Note: You must have Node and a package manager (NPM or Yarn) installed on your system for the installation command to work. You can get both by installing the latest LTS or the current version from the Node.js website.
INSTALLATION FLAGS
--save-dev
installs and adds the package to thepackage.json
file devDependencies--no-save
installs but does not add the package to thepackage.json
file dependencies--save-optional
installs and adds the package to thepackage.json
file optionalDependencies--no-optional
will prevent optional dependencies from being installed
Important NPM Files and Directories
node_module
This is the directory that contains all the installed packages for a Node.js project. When you install a package using
npm
, it is downloaded and saved in thenode_modules
folder under your project root directory. It contains subdirectories that represent the packages installed in your project, and each subdirectory contains the package's files and dependencies.When you require a module in your Node.js project using the
require()
function, Node.js looks for the module in thenode_modules
folder, and when the module is found, it loads the module. If the module is not found in thenode_modules
folder, Node.js will look for it in the global modules directory and if not found globally it throws an error.It is important to note that you should not manually modify or delete files in the
node_modules
folder, as this can cause issues with the packages installed in your project. Instead, you should use thenpm
package manager to manage your packages and their dependencies.package.json
The
package.json
file is a metadata file that contains information about the Node.js project, including its name, version, description, author, dependencies, and other details. It is like a shopping list for your project that keeps track of all the project needs.When you run
npm init
, apackage.json
file is created in the current directory. You can also create apackage.json
file manually and then add the required information using thenpm init
command or automatically (required information is filled by default for you) usingnpm init -y
.The
package.json
file is used by thenpm
package manager to manage your project's dependencies. When you install a package usingnpm install <package_name>
, NPM will automatically add the package to the dependencies section of thepackage.json
file. Thepackage.json
file also allows you to specify the version of a package that your project requires. This ensures that your project is always compatible with the required version of the package.package-lock.json
The
package-lock.json
is a file that is automatically generated by NPM when you install packages or update package versions using thenpm install
ornpm update
command. This file is used to ensure that the same dependencies are installed on every machine and in every environment the project runs.It is especially useful for projects with multiple developers or for projects that are deployed to multiple environments, such as development, staging, and production. It ensures that everyone is working with the same dependencies and that there are no discrepancies between environments.
Demo
Let's get our hands dirty.
Suppose you want to install certain packages for example express, dotenv, nodemon, cors, bcrypt and jsonwebtoken. You also want to install nodemon as a dev dependency. Follow these procedures:
Through your terminal navigate to the project root folder.
Initialize a new
package.json
file for your project.npm init OR npm init -y
The
-y
flag is used when you want to automatically generate or initialize thepackage.json
file, in this case all required information is generated for you automatically.Install the required packages (In this case express, dotenv, nodemon, cors, bcrypt and jsonwebtoken) for the project using NPM. Use the
--save
flag to save the packages as dependencies in yourpackage.json
file, and use the--save-dev
flag to save packages as devDependencies in yourpackage.json
file.npm install express dotenv cors bcrypt jsonwebtoken --save npm install nodemon --save-dev
Now
express
,dotenv
,cors
,bcrypt
, andjsonwebtoken
are installed as dependencies, whilenodemon
is installed as a devDependency.After installation, you will see the
node_modules
folder in your project directory. This folder contains all the installed packages and their dependencies.
While composing this article, I discovered an exciting technique for installing dependencies that can optimize space and enhance performance and efficiency. Previously, I used to simply enter
npm install package_name
to install my packages.Somethings shouldn’t be all about
npm install
. Sometimes flags are needed ☺️In the same way, I learned something new, I sincerely hope that this article provided valuable insights for you. Kindly share your thoughts in the comments section.
Thank You.