Michael Bryan

Michael Bryan

1560746858

A Beginner’s Guide to npm: The Node Package Manager

In this tutorial, we'll discuss NPM (Node Package Manager), its commands, how to install its packages, and certain versions of packages.

Node.js allows you to write applications in JavaScript on the server. It has been written in C++ and built on V8 JavaScript runtime, which makes it fast and reliable. It was initially invented for the better server environment, but now developers use it to build tools to aid them in local task automation. After that, a new network of Node-based tools starts growing to alter the face of front-end development.

Node.js also has a vast ecosystem of libraries that are known as NPM (Node Package Manager) modules. It is considered as the most extensive software packages library in the world having over 600,000 packages. The npm allows users to install the packages that they want to use with a user-friendly interface. The Node.js installation comes with Command Line Interface that allows users to interact with the packages on their local machine.

In this article, we will discuss npm, its commands, how to install its packages, and certain versions of packages. Also, we will talk about package.json and how you can work with it.

What Is npm?

npm stands for Node Package Manager and it works as a project manager for JavaScript. However, it is actually defined in three different parts:

  1. The Website – It is the place where users can browse packages, read the docs, and find general info on npm.
  2. The Registry – It is the database that stores the information and the code for the packages.
  3. The npm Client – It is the tool installed on the developer’s machine to allow them to install, publish, and update packages.

It is considered as a package because it contains multiple files.

Installing Node.js

To use npm, first, you’ll have to install Node.js on your system. Download Node.js and select the version that you want to install on your system. You can find Windows and Mac installers, as well as precompiled Linux libraries and source code. Here, we have used v10.15.3 stable for installing Node.js.

So, let’s see where node.js is installed and check the version:

$ which node

/usr/bin/node

$ node –version

V10.15.3

Now, to verify whether the installation was successful or not, give Node’s REPL a try.

$ node

> console.log('Node is running');

Node is running

> .help

.break Sometimes you get stuck, this gets you out

.clear Alias for .break

.editor Enter editor mode

.exit Exit the repl

.help Show repl options

.load Load JS from a file into the REPL session

.save Save all evaluated commands in this REPL session to a file

> .exit

If the Node.js is successfully installed, you can focus on using npm that is installed within the Node.js package.

$ which npm

/usr/bin/npm

$ npm --version

6.4.1

Working With npm

For modern web development, using npm is no less than a cornerstone, even if it comes as a package manager with Node.js exclusively or build tool for the front-end. For beginners, especially if you’re completely new to Node.js, it can be a bit challenging to understand npm as a tool and its core concepts. But, we still tried to briefly review it in the best and easiest way for you.

Introduction to package.json

Any project that uses Node.js needs to have a package.json file that is known as a patent of your project, which involves the modules and applications it depends on, source control information, and specific metadata like the project’s name, explanation, and source.

A package.json file is always formatted in JSON format to make it readable as metadata and parsable by machines.

Project Dependencies and devDependencies Management in package.json

Another crucial feature of package.json is that it includes a collection of dependencies on which a project relies to function properly. These dependencies make it easy for a project to install the versions of the modules it depends on. By using the install command (discussed in the below part) in a project, developers can install all the dependencies that are included in the package.json, which means you don’t have to bundle them with the project itself.

Also, it separates the dependencies of production and development. For instance, in production, you don’t need a tool to look after your CSS for changes and refresh the app when they are modified, but in both production and development you need the modules that allow you to accomplish certain things with your project, like API Tools, Web framework, and code utilities.

Here is an example of package.json with dependencies and devDependencies.

{
"name": "metaverse",
"version": "0.92.12",
"description": "The Metaverse virtual reality. The final outcome of all virtual worlds, augmented reality, and the Internet.",
"main": "index.js"
"license": "MIT",
"devDependencies": {
	"mocha": "~3.1",
	"native-hello-world": "^1.0.0",
	"should": "~3.3",
	"sinon": "~1.9"
},
"dependencies": {
"	fill-keys": "^1.0.2",
	
	"module-not-found-error": "^1.0.0",
	"resolve": "~1.1.7"
	}
}

However, both the package.json dependencies and devDependencies are objects with multiple key/value pairs. The key refers to the name of the package, whereas the value refers to version range that can be installed.

Essential Commands of npm

As mentioned above, npm comes with a command line interface, which means you’ll have to use a command line tool for most of your interactions. So, here is an overview of commands that you’ll have to use most frequently.

  • npm init for initializing a project.

It is a step-by-step tool command that frames out your project. It prompts the user for a few aspects of the project in the following order:

  • npm init for initializing a project.

Well, it is necessary to know that the npm init command provides suggestions next to the prompt, so if you want to use the suggestions, then hit the Return or Enter button to move to the next prompt.

When you follow the above steps of npm init, it will generate a package.json file and place it in the current directory. You can run this file for your own project or move it to a directory that is not dedicated to your project.

To use the npm init command, use the below command:

npm init # This will trigger the initialization.

However, if you want to accept the prompts that come from npm init automatically, then use the –yes flag on the npm init command. It will populate all the options automatically with the default npm init values.

npm Modules and Their Installation

As described earlier, the npm library is very extensive, which makes it difficult for users to find the right modules and tools for your application. So, here we have tried to cover the most useful modules for development.

1. Nodemon

It is a useful command line interface utility that is used in the development stage of the application. Usually, when changes are made to an application, developers need to restart the server manually. Using Nodemon, this process can be alleviated as it wraps the Node application, watches for file changes, and then restarts the server automatically whenever changes are made to it. You can install this module with the following command:

npm install Nodemon –save-dev

Then, restart the server in the command prompt with nodemon:

nodemon index.js

2. Express

Express is a web application framework that wraps a Node.js web server. It provides simple API, routing, and middleware functions. It is normally used for RESTful APIs, single page application serving, and static content serving. To install the Express module, use the following command:

npm install express

Once express is installed, create an index.js file in your root folder with the following code:

const express = require('express');
const server = express();
server.use(express.json());
server.listen(5000, () => {
	console.log("Server running at port 5000")
});

After running the above code, go to the command line in your project directory and add:

node index.js

The express server will be created in your directory and it will be connected to localhost.

3. Helmet

Helmet is a middleware module that can be used with Express to secure an application. It sets appropriate HTTP headers that hide secure information from malicious users or malware attacks. Other headers in Helmet prevent malicious users from accessing crucial information with forget certificates and prevent cross-site scripting attacks. You can install the Helmet module in the project library with the following command:

npm install helmet

Then, import the package in your index.js file and use the middleware in the server with the following code:

const helmet = require (‘helmet’);
Server.use (helmet());

But, make sure all the requests in your server are set so that server.use can call the requests.

Similarly, you can install other npm packages to your server. But, it is necessary to know that npm can install packages in local and global mode. In local mode, the above method is used, whereas, in global mode packages are installed in {prefix}/lib/node_modules/ which means you’ll have to use sudo to install packages globally.

Changing Location of Global Packages

If you want to change the location of global packages, then you can use the npm config.

$ npm config list
; cli configs
user-agent = "npm/6.9.0 node/v10.15.3 linux x64"
; userconfig /home/sitepoint/.npmrc
prefix = "/home/sitepoint/.node_modules_global"
; node bin location = /usr/bin/nodejs
; cwd = /home/sitepoint
; HOME = /home/sitepoint
; "npm config ls -l" to show all defaults.

It will provide you with the information related to installation, but you need to get the current global location of the packages, which can be achieved with:

$ npm config get prefix
/usr

You’ll have to use the above prefix to install global packages in the home directory. For that, create a new directory in the home folder:

$ cd ~ && mkdir .node_modules_global
$ npm config set prefix=$HOME/.node_modules_global

With this configuration change, you can alter the location to where global Node packages are installed. It will also create a .npmrc file in the home directory.

$ npm config get prefix
/home/sitepoint/.node_modules_global
$ cat .npmrc
prefix=/home/sitepoint/.node_modules_global
$ npm config get prefix
/home/sitepoint/.node_modules_global
$ cat .npmrc
prefix=/home/sitepoint/.node_modules_global

If you still have npm installed in a location owned by the root directory, then you need to install npm again. It will also install the latest version of npm.

npm install npm@latest -g

At last, you need to add .node_modules_global/bin to the $PATH environment variable so that you can run global packages from the command line.

#node-js #npm

What is GEEK

Buddha Community

A Beginner’s Guide to npm: The Node Package Manager
Mike  Kozey

Mike Kozey

1656151740

Test_cov_console: Flutter Console Coverage Test

Flutter Console Coverage Test

This small dart tools is used to generate Flutter Coverage Test report to console

How to install

Add a line like this to your package's pubspec.yaml (and run an implicit flutter pub get):

dev_dependencies:
  test_cov_console: ^0.2.2

How to run

run the following command to make sure all flutter library is up-to-date

flutter pub get
Running "flutter pub get" in coverage...                            0.5s

run the following command to generate lcov.info on coverage directory

flutter test --coverage
00:02 +1: All tests passed!

run the tool to generate report from lcov.info

flutter pub run test_cov_console
---------------------------------------------|---------|---------|---------|-------------------|
File                                         |% Branch | % Funcs | % Lines | Uncovered Line #s |
---------------------------------------------|---------|---------|---------|-------------------|
lib/src/                                     |         |         |         |                   |
 print_cov.dart                              |  100.00 |  100.00 |   88.37 |...,149,205,206,207|
 print_cov_constants.dart                    |    0.00 |    0.00 |    0.00 |    no unit testing|
lib/                                         |         |         |         |                   |
 test_cov_console.dart                       |    0.00 |    0.00 |    0.00 |    no unit testing|
---------------------------------------------|---------|---------|---------|-------------------|
 All files with unit testing                 |  100.00 |  100.00 |   88.37 |                   |
---------------------------------------------|---------|---------|---------|-------------------|

Optional parameter

If not given a FILE, "coverage/lcov.info" will be used.
-f, --file=<FILE>                      The target lcov.info file to be reported
-e, --exclude=<STRING1,STRING2,...>    A list of contains string for files without unit testing
                                       to be excluded from report
-l, --line                             It will print Lines & Uncovered Lines only
                                       Branch & Functions coverage percentage will not be printed
-i, --ignore                           It will not print any file without unit testing
-m, --multi                            Report from multiple lcov.info files
-c, --csv                              Output to CSV file
-o, --output=<CSV-FILE>                Full path of output CSV file
                                       If not given, "coverage/test_cov_console.csv" will be used
-t, --total                            Print only the total coverage
                                       Note: it will ignore all other option (if any), except -m
-p, --pass=<MINIMUM>                   Print only the whether total coverage is passed MINIMUM value or not
                                       If the value >= MINIMUM, it will print PASSED, otherwise FAILED
                                       Note: it will ignore all other option (if any), except -m
-h, --help                             Show this help

example run the tool with parameters

flutter pub run test_cov_console --file=coverage/lcov.info --exclude=_constants,_mock
---------------------------------------------|---------|---------|---------|-------------------|
File                                         |% Branch | % Funcs | % Lines | Uncovered Line #s |
---------------------------------------------|---------|---------|---------|-------------------|
lib/src/                                     |         |         |         |                   |
 print_cov.dart                              |  100.00 |  100.00 |   88.37 |...,149,205,206,207|
lib/                                         |         |         |         |                   |
 test_cov_console.dart                       |    0.00 |    0.00 |    0.00 |    no unit testing|
---------------------------------------------|---------|---------|---------|-------------------|
 All files with unit testing                 |  100.00 |  100.00 |   88.37 |                   |
---------------------------------------------|---------|---------|---------|-------------------|

report for multiple lcov.info files (-m, --multi)

It support to run for multiple lcov.info files with the followings directory structures:
1. No root module
<root>/<module_a>
<root>/<module_a>/coverage/lcov.info
<root>/<module_a>/lib/src
<root>/<module_b>
<root>/<module_b>/coverage/lcov.info
<root>/<module_b>/lib/src
...
2. With root module
<root>/coverage/lcov.info
<root>/lib/src
<root>/<module_a>
<root>/<module_a>/coverage/lcov.info
<root>/<module_a>/lib/src
<root>/<module_b>
<root>/<module_b>/coverage/lcov.info
<root>/<module_b>/lib/src
...
You must run test_cov_console on <root> dir, and the report would be grouped by module, here is
the sample output for directory structure 'with root module':
flutter pub run test_cov_console --file=coverage/lcov.info --exclude=_constants,_mock --multi
---------------------------------------------|---------|---------|---------|-------------------|
File                                         |% Branch | % Funcs | % Lines | Uncovered Line #s |
---------------------------------------------|---------|---------|---------|-------------------|
lib/src/                                     |         |         |         |                   |
 print_cov.dart                              |  100.00 |  100.00 |   88.37 |...,149,205,206,207|
lib/                                         |         |         |         |                   |
 test_cov_console.dart                       |    0.00 |    0.00 |    0.00 |    no unit testing|
---------------------------------------------|---------|---------|---------|-------------------|
 All files with unit testing                 |  100.00 |  100.00 |   88.37 |                   |
---------------------------------------------|---------|---------|---------|-------------------|
---------------------------------------------|---------|---------|---------|-------------------|
File - module_a -                            |% Branch | % Funcs | % Lines | Uncovered Line #s |
---------------------------------------------|---------|---------|---------|-------------------|
lib/src/                                     |         |         |         |                   |
 print_cov.dart                              |  100.00 |  100.00 |   88.37 |...,149,205,206,207|
lib/                                         |         |         |         |                   |
 test_cov_console.dart                       |    0.00 |    0.00 |    0.00 |    no unit testing|
---------------------------------------------|---------|---------|---------|-------------------|
 All files with unit testing                 |  100.00 |  100.00 |   88.37 |                   |
---------------------------------------------|---------|---------|---------|-------------------|
---------------------------------------------|---------|---------|---------|-------------------|
File - module_b -                            |% Branch | % Funcs | % Lines | Uncovered Line #s |
---------------------------------------------|---------|---------|---------|-------------------|
lib/src/                                     |         |         |         |                   |
 print_cov.dart                              |  100.00 |  100.00 |   88.37 |...,149,205,206,207|
lib/                                         |         |         |         |                   |
 test_cov_console.dart                       |    0.00 |    0.00 |    0.00 |    no unit testing|
---------------------------------------------|---------|---------|---------|-------------------|
 All files with unit testing                 |  100.00 |  100.00 |   88.37 |                   |
---------------------------------------------|---------|---------|---------|-------------------|

Output to CSV file (-c, --csv, -o, --output)

flutter pub run test_cov_console -c --output=coverage/test_coverage.csv

#### sample CSV output file:
File,% Branch,% Funcs,% Lines,Uncovered Line #s
lib/,,,,
test_cov_console.dart,0.00,0.00,0.00,no unit testing
lib/src/,,,,
parser.dart,100.00,100.00,97.22,"97"
parser_constants.dart,100.00,100.00,100.00,""
print_cov.dart,100.00,100.00,82.91,"29,49,51,52,171,174,177,180,183,184,185,186,187,188,279,324,325,387,388,389,390,391,392,393,394,395,398"
print_cov_constants.dart,0.00,0.00,0.00,no unit testing
All files with unit testing,100.00,100.00,86.07,""

Installing

Use this package as an executable

Install it

You can install the package from the command line:

dart pub global activate test_cov_console

Use it

The package has the following executables:

$ test_cov_console

Use this package as a library

Depend on it

Run this command:

With Dart:

 $ dart pub add test_cov_console

With Flutter:

 $ flutter pub add test_cov_console

This will add a line like this to your package's pubspec.yaml (and run an implicit dart pub get):

dependencies:
  test_cov_console: ^0.2.2

Alternatively, your editor might support dart pub get or flutter pub get. Check the docs for your editor to learn more.

Import it

Now in your Dart code, you can use:

import 'package:test_cov_console/test_cov_console.dart';

example/lib/main.dart

import 'package:flutter/material.dart';

void main() {
  runApp(MyApp());
}

class MyApp extends StatelessWidget {
  // This widget is the root of your application.
  @override
  Widget build(BuildContext context) {
    return MaterialApp(
      title: 'Flutter Demo',
      theme: ThemeData(
        // This is the theme of your application.
        //
        // Try running your application with "flutter run". You'll see the
        // application has a blue toolbar. Then, without quitting the app, try
        // changing the primarySwatch below to Colors.green and then invoke
        // "hot reload" (press "r" in the console where you ran "flutter run",
        // or simply save your changes to "hot reload" in a Flutter IDE).
        // Notice that the counter didn't reset back to zero; the application
        // is not restarted.
        primarySwatch: Colors.blue,
        // This makes the visual density adapt to the platform that you run
        // the app on. For desktop platforms, the controls will be smaller and
        // closer together (more dense) than on mobile platforms.
        visualDensity: VisualDensity.adaptivePlatformDensity,
      ),
      home: MyHomePage(title: 'Flutter Demo Home Page'),
    );
  }
}

class MyHomePage extends StatefulWidget {
  MyHomePage({Key? key, required this.title}) : super(key: key);

  // This widget is the home page of your application. It is stateful, meaning
  // that it has a State object (defined below) that contains fields that affect
  // how it looks.

  // This class is the configuration for the state. It holds the values (in this
  // case the title) provided by the parent (in this case the App widget) and
  // used by the build method of the State. Fields in a Widget subclass are
  // always marked "final".

  final String title;

  @override
  _MyHomePageState createState() => _MyHomePageState();
}

class _MyHomePageState extends State<MyHomePage> {
  int _counter = 0;

  void _incrementCounter() {
    setState(() {
      // This call to setState tells the Flutter framework that something has
      // changed in this State, which causes it to rerun the build method below
      // so that the display can reflect the updated values. If we changed
      // _counter without calling setState(), then the build method would not be
      // called again, and so nothing would appear to happen.
      _counter++;
    });
  }

  @override
  Widget build(BuildContext context) {
    // This method is rerun every time setState is called, for instance as done
    // by the _incrementCounter method above.
    //
    // The Flutter framework has been optimized to make rerunning build methods
    // fast, so that you can just rebuild anything that needs updating rather
    // than having to individually change instances of widgets.
    return Scaffold(
      appBar: AppBar(
        // Here we take the value from the MyHomePage object that was created by
        // the App.build method, and use it to set our appbar title.
        title: Text(widget.title),
      ),
      body: Center(
        // Center is a layout widget. It takes a single child and positions it
        // in the middle of the parent.
        child: Column(
          // Column is also a layout widget. It takes a list of children and
          // arranges them vertically. By default, it sizes itself to fit its
          // children horizontally, and tries to be as tall as its parent.
          //
          // Invoke "debug painting" (press "p" in the console, choose the
          // "Toggle Debug Paint" action from the Flutter Inspector in Android
          // Studio, or the "Toggle Debug Paint" command in Visual Studio Code)
          // to see the wireframe for each widget.
          //
          // Column has various properties to control how it sizes itself and
          // how it positions its children. Here we use mainAxisAlignment to
          // center the children vertically; the main axis here is the vertical
          // axis because Columns are vertical (the cross axis would be
          // horizontal).
          mainAxisAlignment: MainAxisAlignment.center,
          children: <Widget>[
            Text(
              'You have pushed the button this many times:',
            ),
            Text(
              '$_counter',
              style: Theme.of(context).textTheme.headline4,
            ),
          ],
        ),
      ),
      floatingActionButton: FloatingActionButton(
        onPressed: _incrementCounter,
        tooltip: 'Increment',
        child: Icon(Icons.add),
      ), // This trailing comma makes auto-formatting nicer for build methods.
    );
  }
}

Author: DigitalKatalis
Source Code: https://github.com/DigitalKatalis/test_cov_console 
License: BSD-3-Clause license

#flutter #dart #test 

Coy  Roberts

Coy Roberts

1598725740

Introduction To Node Package Manage | What is NPM

Introduction To Node Package Manager(NPM). Today NPM is the biggest repository for any programming language, and it has almost every package that you need in a web or mobile development project. The npm means the** node package manager**.

The topics we cover are the following.

NPM Topics

  1. Overview of NPM
  2. Attributes of package.json
  3. Updating NPM packages
  4. NPM Versioning
  5. Semantic versioning
  6. Global and local installation of NPM packages.
  7. Uninstalling module.
  8. Search a module
  9. Running an NPM task

#npm #node.js #node package manager

Riley Lambert

Riley Lambert

1559272630

A Beginner’s Guide to npm — the Node Package Manager

In this tutorial, I’m going to look at the basics of working with npm. I will show you how to install packages in local and global mode, as well as delete, update and install a certain version of a package. I’ll also show you how to work with package.json to manage a project’s dependencies. 

Node.js makes it possible to write applications in JavaScript on the server. It’s built on the V8 JavaScript runtime and written in C++ — so it’s fast. Originally, it was intended as a server environment for applications, but developers started using it to create tools to aid them in local task automation. Since then, a whole new ecosystem of Node-based tools (such as Grunt, Gulp and Webpack) has evolved to transform the face of front-end development.

To make use of these tools (or packages) in Node.js we need to be able to install and manage them in a useful way. This is where npm, the Node package manager, comes in. It installs the packages you want to use and provides a useful interface to work with them.

But before we can start using npm, we first have to install Node.js on our system. Let’s do that now…

Installing Node.js

Head to the Node.js download page and grab the version you need. There are Windows and Mac installers available, as well as pre-compiled Linux binaries and source code. For Linux, you can also install Node via the package manager, as outlined here.

For this tutorial we are going to use v10.15.3 Stable. At the time of writing, this is the current Long Term Support (LTS) version of Node.

Let’s see where node was installed and check the version.

$ which node
/usr/bin/node
$ node --version
v10.15.3

 

To verify that your installation was successful let’s give Node’s REPL a try.

$ node

> console.log(‘Node is running’);

Node is running

> .help

.break    Sometimes you get stuck, this gets you out

.clear    Alias for .break

.editor   Enter editor mode

.exit     Exit the repl

.help     Show repl options

.load     Load JS from a file into the REPL session

.save     Save all evaluated commands in this REPL session to a file

> .exit

 

 

The Node.js installation worked, so we can now focus our attention on npm, which was included in the install.

$ which npm

/usr/bin/npm

$ npm --version

6.4.1

Updating npm

npm, which is Node.js’ Package Manager, is a separate project from Node.js. It tends to be updated more frequently. You can check the latest available npm version on this page. If you realize you have an older version, you can update as follows.

For Linux and Mac users, use the following command:

npm install npm@latest -g

For Windows users, never ever run the above command. If you already have, you won’t be able to update npm. You will have to uninstall your entire Node.js installation and install again. To properly update npm in Windows, you will need to do the following. First open PowerShell as administrator and execute the following command:

Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force

This will ensure you can execute scripts on your system. Next will you need to install the npm-windows-upgrade tool. After you have installed the tool, you need to run it so that it can update npm for you. Do all this within the elevated PowerShell console.

npm install --global --production npm-windows-upgrade

npm-windows-upgrade --npm-version latest

Node Packaged Modules

npm can install packages in local or global mode. In local mode it installs the package in a node_modules folder in your parent working directory. This location is owned by the current user. Global packages are installed in {prefix}/lib/node_modules/ which is owned by root (where {prefix} is usually /usr/ or /usr/local). This means you would have to use sudo to install packages globally, which could cause permission errors when resolving third-party dependencies, as well as being a security concern. Lets change that:

Time to manage those packages

Changing the Location of Global Packages

Let’s see what output npm config gives us.

$ npm config list

; cli configs

user-agent = “npm/6.9.0 node/v10.15.3 linux x64”



; userconfig /home/sitepoint/.npmrc

prefix = “/home/sitepoint/.node_modules_global”


; node bin location = /usr/bin/nodejs

; cwd = /home/sitepoint

; HOME = /home/sitepoint

; “npm config ls -l” to show all defaults.

 

This gives us information about our install. For now it’s important to get the current global location.

$ npm config get prefix

/usr

This is the prefix we want to change, so as to install global packages in our home directory. To do that create a new directory in your home folder.

$ cd ~ && mkdir .node_modules_global

$ npm config set prefix=$HOME/.node_modules_global

With this simple configuration change, we have altered the location to which global Node packages are installed. This also creates a .npmrc file in our home directory.

$ npm config get prefix

/home/sitepoint/.node_modules_global

$ cat .npmrc

prefix=/home/sitepoint/.node_modules_global

We still have npm installed in a location owned by root. But because we changed our global package location we can take advantage of that. We need to install npm again, but this time in the new user-owned location. This will also install the latest version of npm.

npm install npm@latest -g

Finally, we need to add .node_modules_global/bin to our $PATH environment variable, so that we can run global packages from the command line. Do this by appending the following line to your .profile, .bash_profileor .bashrc and restarting your terminal.

export PATH=“$HOME/.node_modules_global/bin:$PATH”

Now our .node_modules_global/bin will be found first and the correct version of npm will be used.

$ which npm

/home/sitepoint/.node_modules_global/bin/npm

$ npm --version

6.9.0

Installing Packages in Global Mode

At the moment we only have one package installed globally — that is the npm package itself. So let’s change that and install UglifyJS (a JavaScript minification tool). We use the –global flag, but this can be abbreviated to -g.

$ npm install uglify-js --global

/home/sitepoint/.node_modules_global/bin/uglifyjs -> /home/sitepoint/.node_modules_global/lib/node_modules/uglify-js/bin/uglifyjs

  • uglify-js@3.5.3
    added 3 packages from 38 contributors in 3.282s

As you can see from the output, additional packages are installed — these are UglifyJS’s dependencies.

Listing Global Packages

We can list the global packages we have installed with the npm list command.

$ npm list --global

home/sitepoint/.node_modules_global/lib

├─┬ npm@6.9.0

│ ├── abbrev@1.1.1

│ ├── ansicolors@0.3.2

│ ├── ansistyles@0.1.3

│ ├── aproba@2.0.0

│ ├── archy@1.0.0

…

└─┬ uglify-js@3.5.3

├── commander@2.19.0

└── source-map@0.6.1

 

The output however, is rather verbose. We can change that with the –depth=0 option.

$ npm list -g --depth=0

/home/sitepoint/.node_modules_global/lib

├── npm@6.9.0

└── uglify-js@3.5.3

 

That’s better — just the packages we have installed along with their version numbers.

Any packages installed globally will become available from the command line. For example, here’s how you would use the Uglify package to minify example.js into example.min.js:

$ uglifyjs example.js -o example.min.js

Installing Packages in Local Mode

When you install packages locally, you normally do so using a package.json file. Let’s go ahead and create one.

$ npm init

package name: (project)

version: (1.0.0)

description: Demo of package.json

entry point: (index.js)

test command:

git repository:

keywords:

author:

license: (ISC)

Press Enter to accept the defaults, then type yes to confirm. This will create a package.json file at the root of the project.

{

“name”: “project”,

“version”: “1.0.0”,

“description”: “”,

“main”: “index.js”,

“scripts”: {

“test”: “echo “Error: no test specified” && exit 1”

},

“author”: “”,

“license”: “ISC”

}

 

Tip: If you want a quicker way to generate a package.json file use npm init --y

The fields are hopefully pretty self-explanatory, with the exception of main and scripts. The main field is the primary entry point to your program and the scripts field lets you specify script commands that are run at various times in the lifecycle of your package. We can leave these as they are for now, but if you’d like to find out more, see the package.json documentation on npm and this article on using npm as a build tool.

Now let’s try and install Underscore.

$ npm install underscore

npm notice created a lockfile as package-lock.json. You should commit this file.

npm WARN nodedemo@1.0.0 No description

npm WARN nodedemo@1.0.0 No repository field.

  • underscore@1.9.1
    added 1 package from 1 contributor and audited 1 package in 7.264s
    found 0 vulnerabilities

 

Note that a lockfile is created. We’ll be coming back to this later.

Now if we have a look in package.json we will see that a dependencies field has been added:

{

…

“dependencies”: {

“underscore”: “^1.9.1”

}

}

Managing Dependencies with package.json

As you can see, Underscore v1.9.1 was installed in our project. The caret (^) at the front of the version number indicates that when installing, npm will pull in the highest version of the package it can find where the only the major version has to match (unless a package-lock.json file is present). In our case, that would be anything below v2.0.0. This method of versioning dependencies (major.minor.patch) is known as semantic versioning. You can read more about it here: Semantic Versioning: Why You Should Be Using it.

Also notice that Underscore was saved as a property of the dependencies field. This has become the default in the latest version of npm and is used for packages (like Underscore) required for the application to run. It would also be possible to save a package as a devDependency by specifying a –save-dev flag. devDependencies are packages used for development purposes, for example for running tests or transpiling code.

You can also add private: true to package.json to prevent accidental publication of private repositories as well as suppressing any warnings generated when running npm install.

By far and away the biggest reason for using package.json to specify a project’s dependencies is portability. For example, when you clone someone else’s code, all you have to do is run npm i in the project root and npm will resolve and fetch all of the necessary packages for you to run the app. We’ll look at this in more detail later.

Before finishing this section, let’s quickly check Underscore is working. Create a file called test.js in the project root and add the following:

const _ = require(“underscore”);

console.log(_.range(5));

Run the file using node test.js and you should see [0, 1, 2, 3, 4] output to the screen.

Uninstalling Local Packages

npm is a package manager so it must be able to remove a package. Let’s assume that the current Underscore package is causing us compatibility problems. We can remove the package and install an older version, like so:

$ npm uninstall underscore

removed 2 packages in 0.107s

$ npm list

project@1.0.0 /home/sitepoint/project

└── (empty)

Installing a Specific Version of a Package

We can now install the Underscore package in the version we want. We do that by using the @ sign to append a version number.

$ npm install underscore@1.9.0

 

  • underscore@1.9.0
    added 1 package in 1.574s

$ npm list

project@1.0.0 /home/sitepoint/project

└── underscore@1.9.0

Updating a Package

Let’s check if there’s an update for the Underscore package:

$ npm outdated

Package     Current  Wanted  Latest  Location

underscore    1.9.0   1.9.1   1.9.1  project

The Current column shows us the version that is installed locally. The Latest column tells us the latest version of the package. And the Wanted column tells us the latest version of the package we can upgrade to without breaking our existing code.

Remember the package-lock.json file from earlier? Introduced in npm v5, the purpose of this file is to ensure that the dependencies remain the same on all machines the project is installed on. It is automatically generated for any operations where npm modifies either the node_modules folder, or package.json file.

You can go ahead and try this out if you like. Delete the node_modules folder, then re-run npm i. The latest version of npm will install Underscore v11.9.0 (as this is what is specified in the package-lock.json file). Earlier versions will pull in v1.9.1 due to the rules of semantic versioning. In the past inconsistent package versions have proven a big headache for developers. This was normally solved by using an npm-shrinkwrap.json file which had to be manually created.

Now, let’s assume the latest version of Underscore fixed the bug we had earlier and we want to update our package to that version.

$ npm update underscore

  • underscore@1.9.1
    updated 1 package in 0.236s

$ npm list

project@1.0.0 /home/sitepoint/project

└── underscore@1.9.1

 

Tip: For this to work, Underscore has to be listed as a dependency in package.json. We can also execute npm update if we have many outdated modules we want to update.

Searching for Packages

We’ve used the mkdir command a couple of times in this tutorial. Is there a node package that does the same? Let’s use npm search.

$ npm search mkdir

NAME      | DESCRIPTION          | AUTHOR          | DATE       | VERSION

mkdir     | Directory creation…  | =joehewitt      | 2012-04-17 | 0.0.2

fs-extra  | fs-extra contains…   | =jprichardson…  | 2018-11-07 | 7.0.1

make-dir  | Make a directory…    | =sindresorhus   | 2019-04-01 | 3.0.0

…

There is (mkdirp). Let’s install it.

$ npm install mkdirp

  • mkdirp@0.5.1
    added 2 packages in 3.357s

Now create a file mkdir.js and copy-paste this code:

const mkdirp = require(“mkdirp”);

mkdirp(“foo”, function(err) {

if (err) console.error(err);

else console.log(“Directory created!”);

});

 

And run it from the terminal:

$ node mkdir.js

Directory created!

Re-installing Project Dependencies

Let’s first install one more package:

$ npm install request

 

  • request@2.88.0
    added 48 packages from 59 contributors and audited 65 packages in 2.73s
    found 0 vulnerabilities

Check the package.json.

“dependencies”: {

“mkdirp”: “^0.5.1”,

“request”: “^2.88.0”,

“underscore”: “^1.9.1”

},

 

Note the dependencies list got updated automatically. In previous versions of npm, you would have had to execute npm install request --save to save the dependency in package.json. If you wanted to install a package without saving it in package.json, just use –no-save argument.

Let’s assume you have cloned your project source code to a another machine and we want to install the dependencies. Let’s delete the node_modules folder first then execute npm install

$ rm -R node-modules

$ npm list

project@1.0.0 /home/sitepoint/project

├── UNMET DEPENDENCY mkdirp@^0.5.1

├── UNMET DEPENDENCY request@^2.88.0

└── UNMET DEPENDENCY underscore@^1.9.1



npm ERR! missing: mkdirp@^0.5.1, required by project@1.0.0

npm ERR! missing: request@^2.88.0, required by project@1.0.0

npm ERR! missing: underscore@^1.9.1, required by project@1.0.0


$ npm install

added 51 packages from 60 contributors and audited 66 packages in 2.419s

found 0 vulnerabilities

 

If you look at your node_modules folder, you’ll see that it gets recreated again. This way, you can easily share your code with others without bloating your project and source repositories with dependencies.

Managing the Cache

When npm installs a package it keeps a copy, so the next time you want to install that package, it doesn’t need to hit the network. The copies are cached in the .npm directory in your home path.

$ ls ~/.npm

anonymous-cli-metrics.json  _cacache  index-v5  _locks  _logs  node-sass

This directory will get cluttered with old packages over time, so it’s useful to clean it up occasionally.

$ npm cache clean --force

 

You can also purge all node_module folders from your workspace if you have multiple node projects on your system you want to clean up.

find . -name “node_modules” -type d -exec rm -rf ‘{}’ +

 

Audit

A new feature was introduced in npm that allows developers to scan the dependencies for known security vulnerabilities. Let’s try out this feature by installing an old version of express.

$ npm install express@4.8.0

express@4.8.0
added 36 packages from 24 contributors and audited 123 packages in 15.97s
found 21 vulnerabilities (8 low, 9 moderate, 4 high)
run npm audit fix to fix them, or npm audit for details

As soon as we finish installing, we get a quick report that multiple vulnerabilities have been found. You can run the command npm audit to view more details.

$ npm run audit

=== npm audit security report ===

Run npm install express@4.16.4  to resolve 21 vulnerabilities




┌───────────────┬──────────────────────────────────────────────────────────────┐

│ High          │ Regular Expression Denial of Service                         │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Package       │ negotiator                                                   │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Dependency of │ express                                                      │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Path          │ express > accepts > negotiator                               │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ More info     │ https://nodesecurity.io/advisories/106                       │

└───────────────┴──────────────────────────────────────────────────────────────┘


┌───────────────┬──────────────────────────────────────────────────────────────┐

│ Moderate      │ Timing Attack                                                │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Package       │ cookie-signature                                             │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Dependency of │ express                                                      │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ Path          │ express > cookie-signature                                   │

├───────────────┼──────────────────────────────────────────────────────────────┤

│ More info     │ https://nodesecurity.io/advisories/134                       │

└───────────────┴──────────────────────────────────────────────────────────────┘

 

You’ll get a detailed list of packages that have vulnerabilities. If you look at the field ‘Path’, it shows the dependency path. For example, the Path express > accepts > negotiator means Express depends on the package Accepts. The package Accepts depends on the the package negotiator which contains the vulnerability.

There are two ways of fixing all these problems. We can either execute the command npm install express@4.16.4 as suggested, or run npm audit fix. Let’s do the latter:

$ npm audit fix

 

  • express@4.16.4
    added 15 packages from 11 contributors, removed 8 packages and updated 28 packages in 5.302s
    fixed 21 of 21 vulnerabilities in 123 scanned packages

 

As you can see from the above report, all the vulnerabilities have been resolved. The command npm audit fix simply upgraded the affected packages to the latest versions. However, do note that not all vulnerabilities can be fixed automatically. This could happen if you are using a package that underwent a major change which could break your current project if updated. For situations such as this, you will have to review your code and do the update manually.

You can also run npm audit fix --force if you don’t mind upgrading packages with breaking changes. After you have executed the command, run npm audit to ensure that all vulnerabilities have been resolved.

 

Aliases

As you may have noticed, there are multiple ways of running npm commands. Here is a brief list of some of the commonly used npm aliases:

  • npm i <package> – install local package
  • npm i -g </package><package> – install global package
  • npm un </package><package> – uninstall local package
  • npm up – npm update packages
  • npm t – run tests
  • npm ls – list installed modules
  • npm ll or npm la – print additional package information while listing modules

You can also install multiple packages at once like this:

$ npm i express momemt lodash mongoose body-parser webpack

If you want to learn all common npm commands, just execute npm help for the full list. You can also learn more in our article 10 Tips and Tricks That Will Make You an npm Ninja.

Version Managers

There are a couple of tools available that allow you to manage multiple versions of Node.js on the same machine. One such tool is n. Another such tool is nvm (Node Version Manager). If you are on Windows, you check out nvm for Windows If this is something you’re interested in, why not check out our tutorial: Install Multiple Versions of Node.js using nvm.

Conclusion

In this tutorial, I have covered the basics of working with npm. I have demonstrated how to install Node.js from the project’s download page, how to alter the location of global packages (so we can avoid using sudo) and how to install packages in local and global mode. I also covered deleting, updating and installing a certain version of a package, as well as managing a project’s dependencies. If you would to learn more about the new features in the latest releases, you can visit the npm Github releases page.

With version 5, npm is making huge strides into the world of front-end development. According to its COO, it’s user base is changing and most of those using it are not using it to write Node at all. Rather it’s becoming a tool that people use to put JavaScript together on the frontend (seriously, you can use it to install just about anything) and one which is becoming an integral part of writing modern JavaScript. Are you using npm in your projects? If not, now might be a good time to start.

Thanks for reading ❤

If you liked this post, share it with all of your programming buddies!

Follow me on Facebook | Twitter

Learn More

The Complete Node.js Developer Course (3rd Edition)

The Complete JavaScript Course 2019: Build Real Projects!

Vue JS 2 - The Complete Guide (incl. Vue Router & Vuex)

npm and the Future of JavaScript

A to Z of Node.js Packages(unconventional)

Google’s Go Essentials For Node.js / JavaScript Developers

Machine Learning In Node.js With TensorFlow.js

 

#npm #node-js #javascript #web-development

Michael Bryan

Michael Bryan

1560746858

A Beginner’s Guide to npm: The Node Package Manager

In this tutorial, we'll discuss NPM (Node Package Manager), its commands, how to install its packages, and certain versions of packages.

Node.js allows you to write applications in JavaScript on the server. It has been written in C++ and built on V8 JavaScript runtime, which makes it fast and reliable. It was initially invented for the better server environment, but now developers use it to build tools to aid them in local task automation. After that, a new network of Node-based tools starts growing to alter the face of front-end development.

Node.js also has a vast ecosystem of libraries that are known as NPM (Node Package Manager) modules. It is considered as the most extensive software packages library in the world having over 600,000 packages. The npm allows users to install the packages that they want to use with a user-friendly interface. The Node.js installation comes with Command Line Interface that allows users to interact with the packages on their local machine.

In this article, we will discuss npm, its commands, how to install its packages, and certain versions of packages. Also, we will talk about package.json and how you can work with it.

What Is npm?

npm stands for Node Package Manager and it works as a project manager for JavaScript. However, it is actually defined in three different parts:

  1. The Website – It is the place where users can browse packages, read the docs, and find general info on npm.
  2. The Registry – It is the database that stores the information and the code for the packages.
  3. The npm Client – It is the tool installed on the developer’s machine to allow them to install, publish, and update packages.

It is considered as a package because it contains multiple files.

Installing Node.js

To use npm, first, you’ll have to install Node.js on your system. Download Node.js and select the version that you want to install on your system. You can find Windows and Mac installers, as well as precompiled Linux libraries and source code. Here, we have used v10.15.3 stable for installing Node.js.

So, let’s see where node.js is installed and check the version:

$ which node

/usr/bin/node

$ node –version

V10.15.3

Now, to verify whether the installation was successful or not, give Node’s REPL a try.

$ node

> console.log('Node is running');

Node is running

> .help

.break Sometimes you get stuck, this gets you out

.clear Alias for .break

.editor Enter editor mode

.exit Exit the repl

.help Show repl options

.load Load JS from a file into the REPL session

.save Save all evaluated commands in this REPL session to a file

> .exit

If the Node.js is successfully installed, you can focus on using npm that is installed within the Node.js package.

$ which npm

/usr/bin/npm

$ npm --version

6.4.1

Working With npm

For modern web development, using npm is no less than a cornerstone, even if it comes as a package manager with Node.js exclusively or build tool for the front-end. For beginners, especially if you’re completely new to Node.js, it can be a bit challenging to understand npm as a tool and its core concepts. But, we still tried to briefly review it in the best and easiest way for you.

Introduction to package.json

Any project that uses Node.js needs to have a package.json file that is known as a patent of your project, which involves the modules and applications it depends on, source control information, and specific metadata like the project’s name, explanation, and source.

A package.json file is always formatted in JSON format to make it readable as metadata and parsable by machines.

Project Dependencies and devDependencies Management in package.json

Another crucial feature of package.json is that it includes a collection of dependencies on which a project relies to function properly. These dependencies make it easy for a project to install the versions of the modules it depends on. By using the install command (discussed in the below part) in a project, developers can install all the dependencies that are included in the package.json, which means you don’t have to bundle them with the project itself.

Also, it separates the dependencies of production and development. For instance, in production, you don’t need a tool to look after your CSS for changes and refresh the app when they are modified, but in both production and development you need the modules that allow you to accomplish certain things with your project, like API Tools, Web framework, and code utilities.

Here is an example of package.json with dependencies and devDependencies.

{
"name": "metaverse",
"version": "0.92.12",
"description": "The Metaverse virtual reality. The final outcome of all virtual worlds, augmented reality, and the Internet.",
"main": "index.js"
"license": "MIT",
"devDependencies": {
	"mocha": "~3.1",
	"native-hello-world": "^1.0.0",
	"should": "~3.3",
	"sinon": "~1.9"
},
"dependencies": {
"	fill-keys": "^1.0.2",
	
	"module-not-found-error": "^1.0.0",
	"resolve": "~1.1.7"
	}
}

However, both the package.json dependencies and devDependencies are objects with multiple key/value pairs. The key refers to the name of the package, whereas the value refers to version range that can be installed.

Essential Commands of npm

As mentioned above, npm comes with a command line interface, which means you’ll have to use a command line tool for most of your interactions. So, here is an overview of commands that you’ll have to use most frequently.

  • npm init for initializing a project.

It is a step-by-step tool command that frames out your project. It prompts the user for a few aspects of the project in the following order:

  • npm init for initializing a project.

Well, it is necessary to know that the npm init command provides suggestions next to the prompt, so if you want to use the suggestions, then hit the Return or Enter button to move to the next prompt.

When you follow the above steps of npm init, it will generate a package.json file and place it in the current directory. You can run this file for your own project or move it to a directory that is not dedicated to your project.

To use the npm init command, use the below command:

npm init # This will trigger the initialization.

However, if you want to accept the prompts that come from npm init automatically, then use the –yes flag on the npm init command. It will populate all the options automatically with the default npm init values.

npm Modules and Their Installation

As described earlier, the npm library is very extensive, which makes it difficult for users to find the right modules and tools for your application. So, here we have tried to cover the most useful modules for development.

1. Nodemon

It is a useful command line interface utility that is used in the development stage of the application. Usually, when changes are made to an application, developers need to restart the server manually. Using Nodemon, this process can be alleviated as it wraps the Node application, watches for file changes, and then restarts the server automatically whenever changes are made to it. You can install this module with the following command:

npm install Nodemon –save-dev

Then, restart the server in the command prompt with nodemon:

nodemon index.js

2. Express

Express is a web application framework that wraps a Node.js web server. It provides simple API, routing, and middleware functions. It is normally used for RESTful APIs, single page application serving, and static content serving. To install the Express module, use the following command:

npm install express

Once express is installed, create an index.js file in your root folder with the following code:

const express = require('express');
const server = express();
server.use(express.json());
server.listen(5000, () => {
	console.log("Server running at port 5000")
});

After running the above code, go to the command line in your project directory and add:

node index.js

The express server will be created in your directory and it will be connected to localhost.

3. Helmet

Helmet is a middleware module that can be used with Express to secure an application. It sets appropriate HTTP headers that hide secure information from malicious users or malware attacks. Other headers in Helmet prevent malicious users from accessing crucial information with forget certificates and prevent cross-site scripting attacks. You can install the Helmet module in the project library with the following command:

npm install helmet

Then, import the package in your index.js file and use the middleware in the server with the following code:

const helmet = require (‘helmet’);
Server.use (helmet());

But, make sure all the requests in your server are set so that server.use can call the requests.

Similarly, you can install other npm packages to your server. But, it is necessary to know that npm can install packages in local and global mode. In local mode, the above method is used, whereas, in global mode packages are installed in {prefix}/lib/node_modules/ which means you’ll have to use sudo to install packages globally.

Changing Location of Global Packages

If you want to change the location of global packages, then you can use the npm config.

$ npm config list
; cli configs
user-agent = "npm/6.9.0 node/v10.15.3 linux x64"
; userconfig /home/sitepoint/.npmrc
prefix = "/home/sitepoint/.node_modules_global"
; node bin location = /usr/bin/nodejs
; cwd = /home/sitepoint
; HOME = /home/sitepoint
; "npm config ls -l" to show all defaults.

It will provide you with the information related to installation, but you need to get the current global location of the packages, which can be achieved with:

$ npm config get prefix
/usr

You’ll have to use the above prefix to install global packages in the home directory. For that, create a new directory in the home folder:

$ cd ~ && mkdir .node_modules_global
$ npm config set prefix=$HOME/.node_modules_global

With this configuration change, you can alter the location to where global Node packages are installed. It will also create a .npmrc file in the home directory.

$ npm config get prefix
/home/sitepoint/.node_modules_global
$ cat .npmrc
prefix=/home/sitepoint/.node_modules_global
$ npm config get prefix
/home/sitepoint/.node_modules_global
$ cat .npmrc
prefix=/home/sitepoint/.node_modules_global

If you still have npm installed in a location owned by the root directory, then you need to install npm again. It will also install the latest version of npm.

npm install npm@latest -g

At last, you need to add .node_modules_global/bin to the $PATH environment variable so that you can run global packages from the command line.

#node-js #npm

Markus  Bartell

Markus Bartell

1603181227

A Beginner’s Guide to NPM, the Node Package Manager

Sometimes you’re left wondering, “What is NPM”? This article is a gentle introduction into what NPM is and what it does for you.

You may have seen tutorials online where they tell you that you need to install something using NPM. Generally, you’re given the command to copy and paste, and without really thinking, you do so.

However, what’s really going on whenever you’re using NPM? When you copy and paste commands from a tutorial, do you truly understand what they mean?

What is NPM?

NPM stands for Node Package Manager and is one of the multiple package managers (others include Yarn, Bower, etc.) available for the Javascript programming language. Furthermore, it’s the default package manager for Node.js.

NPM has a command-line client, which is generally how you install packages. What seems magical is how NPM knows what to download. All you do is give the name of the package you’d like, and NPM knows where to get it from. This is because NPM has an online database of public and paid-for private packages called the NPM registry.

Image for post

The NPM registry can be accessed online.

So whenever you type in something like:

$ npm install styled-components

It will look for styled-components as the key and find where to download the package from the online database. NPM takes care of downloading and installing Styled Components for you.

What is a Package Manager?

Essentially, a package manager is a collection of software tools that a developer can use to automate managing packages in a standardized manner.

Image for post

Imagine having to manually download libraries such as React, Redux, Styled Components to get your project running. You’d have to check each package’s version number and get the correct dependencies as well. That doesn’t really sound like time well-spent for a developer.

That’s where NPM comes in, as a software tool, and helps us, developers, out. We no longer have to manage third-party packages for our project manually. It’s all been made easy with NPM.

Thanks, NPM.

What Purpose Does NPM Serve?

Like mentioned before, NPM helps with managing packages for our project. Since NPM automates managing packages, developers can focus more on developing and less on packages’ maintenance.

So it acts as an assistant to the developer. How a doctor diagnoses a problem and tells his or her assistant to get a specific tool, you will be able to diagnose a bug, determine the best possible solution for it and have NPM retrieve the packages, otherwise known as the tools.

Image for post

Developers picking out third-party packages

High-Level Overview of NPM

As a general rule, any project that is using Node.js will need a package.json file. The package.json file is basically the control panel for NPM. This is where you tell NPM which libraries you want to import, information about source control, project metadata, and more.

Whenever you run npm install, NPM will look to your package.json file and look at what libraries you want to import.

Before we go any further, though, we should understand the difference between a local and global installation. There is a slight distinction that plays a part in the package.json file.

Local Installation

A local installation downloads the package files into your project’s folder. The package files are installed “locally” to your project.

You may sometimes notice a node_modules folder in your projects. This is the folder that holds those downloaded files. As you add more packages to your project, this folder will get heavier.

Whenever you are working with Git, it is recommended not to push the node_modules folder because of how large it can get. Rather the recommended action is to use the --save flag whenever installing a package, so it gets tracked in your package.json file. Instead of pushing the entire node_modules folder, you will push the package.json file that contains all the packages to download. Teammates can download the package.json file and locally install the node_modules folder themselves.

Global Installation

Think of a global installation as if you’re downloading the package to your computer so you can use it outside of your current project. You can globally install a package by using the -g flag when installing. So, for example, if you wanted to install the Webpack CLI globally, you would use the following command:

$ npm install -g webpack-cli

This will allow you to use the Webpack CLI anywhere on your computer. NPM takes care of hooking things up with your operating system to be used outside of your project.

When to Use Global or Local

There are a few rules of thumbs that you can follow to know when to install globally versus installing locally.

  1. If the packages include command-line tools, download them globally.
  2. If the packages are to be used for your project, download them locally.
  3. If you need to do both, install both globally and locally.

What is the NPM Registry?

The NPM registry is a database collection of open-source packages for Node.js, front-end frameworks, and Javascript in general. When you install NPM onto your machine, the default registry URL is set to https://registry.npmjs.org/

If you put that link into your browser, you’ll get back a JSON object that gives some information about the NPM registry.

Whenever you run npm install <package-name> you are telling NPM to look for the package name through the registry URL. This is how NPM can find the packages that you are looking for.

#javascript #npm #node #programming #developer