We all have setup our node package manager application at least once. We hardly give importance to the npm because it is not a core part of our development. We perceive npm as a file which is just a dependency holder. But npm is much more than that, it is not difficult to have an average grip on npm.
Let's begin with all the popular commands 🛣
npm init
This is the first command which you will use when you are setting up your project.
This command asks for general information about the project name, description, version, author, github-link, homepage etc. It will generate a package.json file in your root folder.
You can edit the information anytime.
If you don't want to enter the information and want to go for defaults then run this npm init --yes
This will pick the data from your config setup.
npm config
You can update your config with this.
For example:
npm config set init-author-name "Ankit Kumar"
Fetch the value
npm config get init-author-name
npm install
Install the dependencies present in the package.json. Shorthand
npm i
To install a package use:
npm i package-name
To save in dependencies:
npm i package-name --save
To save in dev dependencies:
npm i package-name --save-dev or npm i package-name -D
Install a package globally:
npm i package-name --global
or
npm i package-name -g
npm uninstall
Shorthand
npm un
To uninstall a package do:
npm un package-name -g or -D or --save
-g - remove package from global list
--save - remove package from dependency list
-D - remove package from dev dependency list
npm ci
This command is similar to npm install except it is used in automated environment like test platforms, continuous integration and deployments.
- To run
npm ci,package-lock.jsonmust be present - If there is any version mismatch between
package.jsonandpackage-lock.jsonthen it will exit with errors. - It is used to install entire projects and not individual package
- It will never write to
package.jsonor any of thepackage-locks: installs are essentially frozen. - If a node_modules is already present, it will be automatically removed before
npm cibegins its install.
npm audit
Scan your project for vulnerabilities and automatically install any compatible updates to vulnerable dependencies:
npm audit fix
npm cache
Add the specified package to the local cache. This command is primarily intended to be used internally by NPM, but it can provide a way to add data to the local installation cache explicitly.
npm cache add <tarball file>
npm cache add <folder>
npm cache add <tarball url>
npm cache add <name>@<version>
Whenever we install any package it does not caches so to make it available offline, we can use this command.
Fortunately, yarn caches all the packages you install and is available offline.
npm ls
This command will print to stdout all the versions of packages that are installed, as well as their dependencies, in a tree-structure.
npm link
This is very common for dev who wants to test their component locally before publishing it on the npm registry. It will create a symbolic link in the global folder. {prefix}/lib/node_modules/<package> that links to the package where the npm link command was executed.
Next, in some other location, npm link package-name will create a symbolic link from globally-installed package-name to node_modules/ of the current folder. Now you can import your created component and it should be present in the node_modules
Note that package-name is taken from package.json, not from directory name.
npm publish
Publishes a package to the registry so that it can be installed by name. All files in the package directory are included if no local .gitignore or .npmignore file exists.
By default npm will publish to the public registry. This can be overridden by specifying a different default registry or using a scope in the name (see package.json).
npm pack
It creates a installable file with .tgz extension called tarball. This is a package file which can be install in any app.
For example :
example-component.tgz is tarball file. I will copy this in any node app. I will add this in my package.json like below
"dependency": {
"example-component: "file: ./example-component.tgz"
}
and run
npm i/install
npm help
If supplied a topic, then show the appropriate documentation page.
If the topic does not exist, or if multiple terms are provided, then run the help-search command to find a match.
npm whoami
Print the username config to standard output.
npm login/logout
It just logins and logout
Please go through the full NPM docs as I have mentioned only those commands which I have seen others and used myself commonly.
Thanks for dropping by 🌟
Add a ❤️ if you liked it. Checkout my GitHub profile for cool projects. I have published many NPM packages.
Support me by following me on twitter
Top comments (5)
Thanks for the list, cool share 👍.
The
--saveflag of theinstallcommand has become the default (since npm v6 maybe?). Therefore it can be skipped has it has actually no particular effect as if it would not be provided.Another
installflag I began recently to use quite often is--package-lock-only. Useful to resolve security vulnerabilities without bumping a direct dependency.Another important one (just saw a YT video)
npm config set ignore-scripts true
Nice.
Good overview! As a consumer, rather than a publisher, I've also used npm outdated and npm update a lot to stay ahead of dependency vulnerabilities. You can even run npm update to install dependencies in package.json the first time & get the latest matching those versions, instead of calling npm install first.
Thanks for this