npm and everything you need to know about the package.json

What is npm?

npm is a package manager for NodeJS. It is also the largest single language code repository on earth and a tool for installing and managing packages from the repository on the command line.

What is a package?

The npm registry consists of numerous packages or libraries that can be downloaded, installed, and used as a dependency in a NodeJS project. An npm package is a reusable piece of code published to the npm registry. It helps developers improve their workflow by incorporating functionality, thereby reducing the need to write redundant or repetitive code.

How do I install a package in my NodeJS project?

By using the CLI command npm install

• npm install: This command will install all the dependencies mentioned in the package.json in the node_modules folder.
• npm install <package-name>: Installs the package in the current project directory (inside the node_modules folder). The package is accessible only within that project.
• npm install -g <package-name>: Installs the package system-wide, making it available from anywhere on your machine.
• npm install <package-name>@<version-number>: Installs a specific version of that package.
• npm install <package-name> --save-dev: Installs the package and puts it in the devDependencies block of package.json
• npm install <package-name> --no-save: Installs the package but does not add the entry to the package.json file dependencies.
• npm install <package-name> --save-optional: Installs the package and adds the entry to the package.json file's optionalDependencies
• npm install <package-name> --no-optional: This will prevent the installation of optional dependencies.

What is package.json?

package.json is a configuration file used in Node.js projects to manage project metadata, dependencies, and scripts. It acts as the heart of a NodeJS project.

What is the difference between devDependencies and peerDependencies?

devDependencies: These are packages and libraries needed only during development or testing. They are not included in the production code.

Installation:

npm install tslint --save-dev

peerDependencies: These are dependencies that the project needs to work on, but it expects the user who is installing the package to provide the dependency.

"peerDependencies": {
  "graphql": ">=10.0.0"
}

The above block means:

• The project needs the package graphql to work.
• It needs the version of the graphql package to be 10.0.0 or higher.
• The package users must install GraphQL themselves.

Scripts in package.json

The scripts field in package.json defines commands that can be run using npm run <script-name>. Some scripts worth mentioning:

start: The command to start the application.

"start": "node index.js"

build: Used for production builds.

"build": "webpack --mode production"

test: Runs the unit test suite.

"test": "nyc"

dev: Starts the development server.

"dev": "nodemon index.js"

lint: Runs a linter to check code quality.

"lint": "tslint ."

clean: Cleans up build artefacts.

"clean": "rm -rf dist"

compile: Used to transpile source code into a different format (e.g., TypeScript to JavaScript)

"compile": "tsc"

publish: Used to publish the package to a registry like npm.

"publish": "npm publish"

• Pre/Post Hooks: There are also pre/post hooks for scripts like preinstall, postinstall, prebuild, precompile, postpublish etc.

• Custom scripts: Custom scripts can also be written in the package.json and can be just run using npm run <script-name>

npm package versioning

Major: When a feature is added with a breaking change in the functionality.
Minor: When a feature is added in a backward-compatible manner.
Patch: When a bug is fixed, which doesn't break any backward compatibility.

Version: 1.2.3

Here, 1 is major, 2 is minor, and 3 is patch.