About this article
How to Install npm Packages | CSS-Tricks - CSS-Tricks
๐This article was very clear about what was happening with npm install
, so I summarized the main points. ๐
npm intall 101 ๐งโ๐ซ
Files/Folder ๐
With npm install
, following files/folder is created/updated.
-
package.json
- High level overview of packages
-
package-lock.json
- Technical specifics
- In-depth, precise snapshot of the projectโs dependency tree
- Never supposed to be updated by hand
-
node_modules folder
- All the actual package code lives(Including dependencies)
- The node_modules folder is not meant to be committed to Git or even shared
Whatโs happening with npm install
๐ง
- Update the package.json file
- Update the package-lock.json file
- Installl the actual package files and dependencies in node_modules folder
- Runs an audit of the installed package
What is npm audit
โ
- Packages with known vulnerabilities are called out
- It runs automatically any time you install a package
-
npm audit fix
: Let npm to update packages with vulnerabilities to a new minor version -
npm audit fix --force
: Let npm to update packages with vulnerabilities to a new major version(โป Risky ๐ฃ)
Tips โ๏ธ
- To fix unexpected issues with npm project by deleting node_modules and re-running
$ npm install
Top comments (0)