In my previous article on node.js modules, we discussed third-party modules or packages. This article will focus on the effective management of these modules by utilizing Node.js Package Manager (npm). By the end of this article, you will have the knowledge needed to manage your Node.js modules like a pro.

Packages 🧐

A Package is a file or directory that is described by a package.json. A Module is any file or directory in the node_modules directory that can be loaded by the Node.js require() function.

Don't worry we would get into explaining package.json and node_modules later on. You can check out my previous article to understand the require() function.

In Node.js, a Package is a collection of modules that can be installed, updated, and uninstalled using a Package Manager. These Modules are individual pieces of code that perform a specific task or provide a particular feature. These packages can be either built-in or third-party, and they are used to add functionality to Node.js applications.

Package Manager

A Package Manager is a tool that allows developers to easily manage and install packages.

Some package managers in node.Js include; npm, yarn and pnpm

The most commonly used package manager in Node.js is the Node.js Package Manager (npm).

Node.Js Package Manager(NPM)

NPM allows developers to install, update, and remove packages from their projects. With npm, developers can install packages globally, making them available to all their Node.js projects, or locally, making them specific to a particular project.

Some features of npm;

Package installation and management: NPM allows developers to easily install and manage packages in their Node.js projects.
Version management: NPM allows developers to easily manage the versions of packages they are using, ensuring compatibility and security.
Package publishing: NPM allows developers to easily publish their packages to the npm registry, making them available for others to use. (which is out of the scope of this article)

NPM COMMANDS

npm install: If a project has a package.json file with dependencies listed in it, this command will install all dependencies in the package.json file, into the node_modules folder the folder will be created if it is not existing already.
npm install package_name: Installs a single package.
npm install package1 package2 .... packageN: Installs multiple packages, in this case installing N number of packages.
npm update: Updates all packages to the latest version.
npm update package_name: Updates the version of a single package.
npm outdated: Shows outdated packages that need to be updated.
npm init: Creates a new package.json file in the current directory.
npm search: Searches the npm registry for packages.
npm audit: Checks for security vulnerabilities in installed packages.
npm list: Lists all installed packages and their dependencies.

Package Installation

Packages can be installed globally or locally.

Global Package Installation

Installing a package globally makes that package available to all your Node.js projects on your system and allows you to use the code in the package as a set of tools on your local computer.

Global Package Installation in Node.js can be done using the -g flag.

To download and install packages globally, on the command line, run the following command:

npm install -g package_name

Note: You can run the commands above from any location on your system.

Local Package Installation

Installing a package locally ensures that the package is only available to a specific project or project directory. This is useful when you are working on multiple projects with different dependencies. It also allows you to manage dependencies for each project separately.

To install packages locally navigate to the root directory of your application and run the following command in the terminal:

npm install package-name

Another way of installing locally is using the --save flag,

npm install package_name --save

Alternatively, if the package to be installed is for testing or development purposes it is best to use the --save-dev flag:

npm install package_name --save-dev

The --save-dev is a flag used to save the package as a development dependency (dev dependency) in the package.json file. Development dependencies are packages that are only required during the development of the project, such as testing frameworks or build tools and are not needed when the project is running in production. The --save-dev flag helps to separate dependencies based on their usage and ensures that only required packages are installed in production environments, reducing the overall package size and improving performance. Examples of dev dependencies are mocha, gulp, nodemon and so on.

The commands above will cause NPM to download three items into your project's root directory: a node_modules folder, a package.json file, and a package-lock.json file. We will discuss these items in detail later on in this article.

Note: You must have Node and a package manager (NPM or Yarn) installed on your system for the installation command to work. You can get both by installing the latest LTS or the current version from the Node.js website.

INSTALLATION FLAGS

--save-dev installs and adds the package to the package.json file devDependencies
--no-save installs but does not add the package to the package.json file dependencies
--save-optional installs and adds the package to the package.json file optionalDependencies
--no-optional will prevent optional dependencies from being installed

Important NPM Files and Directories

node_module

This is the directory that contains all the installed packages for a Node.js project. When you install a package using npm, it is downloaded and saved in the node_modules folder under your project root directory. It contains subdirectories that represent the packages installed in your project, and each subdirectory contains the package's files and dependencies.

When you require a module in your Node.js project using the require() function, Node.js looks for the module in the node_modules folder, and when the module is found, it loads the module. If the module is not found in the node_modules folder, Node.js will look for it in the global modules directory and if not found globally it throws an error.

It is important to note that you should not manually modify or delete files in the node_modules folder, as this can cause issues with the packages installed in your project. Instead, you should use the npm package manager to manage your packages and their dependencies.
package.json

The package.json file is a metadata file that contains information about the Node.js project, including its name, version, description, author, dependencies, and other details. It is like a shopping list for your project that keeps track of all the project needs.

When you run npm init, a package.json file is created in the current directory. You can also create a package.json file manually and then add the required information using the npm init command or automatically (required information is filled by default for you) using npm init -y.

The package.json file is used by the npm package manager to manage your project's dependencies. When you install a package using npm install <package_name>, NPM will automatically add the package to the dependencies section of the package.json file. The package.json file also allows you to specify the version of a package that your project requires. This ensures that your project is always compatible with the required version of the package.
package-lock.json

The package-lock.json is a file that is automatically generated by NPM when you install packages or update package versions using the npm install or npm update command. This file is used to ensure that the same dependencies are installed on every machine and in every environment the project runs.

It is especially useful for projects with multiple developers or for projects that are deployed to multiple environments, such as development, staging, and production. It ensures that everyone is working with the same dependencies and that there are no discrepancies between environments.

Demo

Let's get our hands dirty.

Suppose you want to install certain packages for example express, dotenv, nodemon, cors, bcrypt and jsonwebtoken. You also want to install nodemon as a dev dependency. Follow these procedures:

Through your terminal navigate to the project root folder.
Initialize a new package.json file for your project.
```
 npm init

 OR

 npm init -y
```
The -y flag is used when you want to automatically generate or initialize the package.json file, in this case all required information is generated for you automatically.
Install the required packages (In this case express, dotenv, nodemon, cors, bcrypt and jsonwebtoken) for the project using NPM. Use the --save flag to save the packages as dependencies in your package.json file, and use the --save-dev flag to save packages as devDependencies in your package.json file.
```
 npm install express dotenv cors bcrypt jsonwebtoken --save
 npm install nodemon --save-dev
```
Now express, dotenv, cors, bcrypt, and jsonwebtoken are installed as dependencies, while nodemon is installed as a devDependency.
After installation, you will see the node_modules folder in your project directory. This folder contains all the installed packages and their dependencies.

While composing this article, I discovered an exciting technique for installing dependencies that can optimize space and enhance performance and efficiency. Previously, I used to simply enter npm install package_nameto install my packages.

Somethings shouldn’t be all about npm install. Sometimes flags are needed ☺️

In the same way, I learned something new, I sincerely hope that this article provided valuable insights for you. Kindly share your thoughts in the comments section.

Thank You.

RESOURCES

An Introduction to NPM Package Manager

Olivia’s View