DEV Community

TK
TK

Posted on

npm install 101

About this article

How to Install npm Packages | CSS-Tricks - CSS-Tricks
๐Ÿ‘†This article was very clear about what was happening with npm install, so I summarized the main points. ๐Ÿ“

npm intall 101 ๐Ÿง‘โ€๐Ÿซ

Files/Folder ๐Ÿ—‚

With npm install, following files/folder is created/updated.

  • package.json
    • High level overview of packages
  • package-lock.json
    • Technical specifics
    • In-depth, precise snapshot of the projectโ€™s dependency tree
    • Never supposed to be updated by hand
  • node_modules folder
    • All the actual package code lives(Including dependencies)
    • The node_modules folder is not meant to be committed to Git or even shared

Whatโ€™s happening with npm install ๐Ÿง

  1. Update the package.json file
  2. Update the package-lock.json file
  3. Installl the actual package files and dependencies in node_modules folder
  4. Runs an audit of the installed package

What is npm auditโœ…

  • Packages with known vulnerabilities are called out
  • It runs automatically any time you install a package
  • npm audit fix: Let npm to update packages with vulnerabilities to a new minor version
  • npm audit fix --force: Let npm to update packages with vulnerabilities to a new major version(โ€ป Risky ๐Ÿ’ฃ)

Tips โ˜๏ธ

  • To fix unexpected issues with npm project by deleting node_modules and re-running $ npm install

Resources

How to Install npm Packages | CSS-Tricks - CSS-Tricks

Top comments (0)