10 Cool Things You Should Know about NPM

1. What is NPM

  • npm stands for Node Package Manager, and most JavaScript programs are registered with npm as packages
  • npm has more than 700K packages registered; it is the world's largest IT ecosystem
  • yarn is an alternative to npm; it was created by Facebook

2. package.json

  • The same package can have different functionality depending on its version; the package.json file records all the installed packages
  • The command to create package.json
$ npm init

package name : The name of package; name property of package.json

version : package versions are strictly managed in npm (we will go through this in detail later)

entry point : entry point for the JavaScript executable file. Often the last module.exports file

git repository : repository property of package.json

keywords : enable users to find the package easily on the official npm site (https://npmjs.com); keywords property of package.json

3. License

  • ISC, MIT, BSD licenses : free to use as long as you acknowledge the module and its license
  • Apache : free to use but has patent right restrictions
  • GPL : you need to make the source code public and distribute it under the GPL license when deploying

4. scripts in package.json

  • the scripts property specifies npm commands, which are run as npm run [SCRIPT COMMAND] in the console
  • Often, node [FILE NAME] is saved under the start command and executed with npm start, as in React.js and Vue.js

5. --save option

  • the --save option for the npm install command is often used in tutorials
  • the --save option adds the package name to dependencies, but this has been the default since npm@5; therefore, there is no need to specify --save for the npm install command

6. --save-dev option

  • the --save-dev option is for packages used only in development, e.g., nodemon provides hot loading whenever the source code is changed and is often used only for development
  • --save-dev can be abbreviated to -D
// console
npm install --save-dev nodemon

// package.json
{
  ...
  "devDependencies": {
    "nodemon": "^1.17.3"
  }
}

7. package version

  • a node package version always consists of 3 numbers because it follows the SemVer (Semantic Versioning) rule
1.0.7

First number (1) :

  • major version
  • 0 stands for a development version; official versions start from 1
  • the major version is incremented only when the new version is not compatible with lower versions, e.g., an upgrade from 1.5.0 to 2.0.0 is very likely to cause errors

Second number (0) :

  • minor version
  • compatible with lower versions and often a functionality update, e.g., there is no problem upgrading from 1.5.0 to 1.6.0 in terms of compatibility

Third number (7) :

  • patch version
  • fixes existing errors, e.g., an upgrade from 1.5.0 to 1.5.1 should not cause any errors

8. ^ , < , ~ symbol for package version

^ :

  • install / update up to the minor version
  • e.g., npm i express@^1.1.1 installs a version from 1.1.1 up to 2.0.0 (excluding 2.0.0, because there the first number has changed and that is a major version change)

~ :

  • install / update up to the patch version
  • e.g., npm i express@~1.1.1 installs a version from 1.1.1 up to 1.2.0 (excluding 1.2.0)

^ is often more useful than ~ because a minor version update is compatible with lower versions and has the most up-to-date functionality

@latest : used to install the most up-to-date (latest) version of a package (can be expressed as npm i express@latest or npm i express@x)

9. npm outdated command

  • you can find packages with available updates using npm outdated

  • a package needs an update if Current and Wanted are different
  • you can update it by executing npm update [PACKAGE NAME]
  • running npm update without a package name updates ALL packages to the version specified in Wanted

10. useful resource

Compare packages

Check the download trend of a package

Thank you for reading!
