About NPM
npm consists of three distinct components:
- the website
- the Command Line Interface (CLI)
- the registry
Use the website to discover packages, set up profiles, and manage other aspects of your npm experience. For example, you can set up organizations to manage access to public or private packages.
The CLI runs from a terminal, and is how most developers interact with npm.
The registry is a large public database of JavaScript software and the meta-information surrounding it.
About npm Packages
The npm registry contains packages, many of which are also Node modules, or contain Node modules. Read on to understand how they differ and how they interact.
About packages
A package is a file or directory that is described by a package.json
file. A package must contain a package.json
file in order to be published to the npm registry. For more information on creating a package.json
file, see "Creating a package.json file".
Packages can be unscoped or scoped to a user or organization, and scoped packages can be private or public. For more information, see
About package formats
A package is any of the following:
- a) A folder containing a program described by a
package.json
file. - b) A gzipped tarball containing (a).
- c) A URL that resolves to (b).
- d) A
<name>@<version>
that is published on the registry with (c). - e) A
<name>@<tag>
that points to (d). - f) A
<name>
that has alatest
tag satisfying (e). - g) A
git
url that, when cloned, results in (a).
npm package git URL formats
Git URLs used for npm packages can be formatted in the following ways:
git://github.com/user/project.git#commit-ish
git+ssh://user@hostname:project.git#commit-ish
git+http://user@hostname/project/blah.git#commit-ish
git+https://user@hostname/project/blah.git#commit-ish
The commit-ish
can be any tag, sha, or branch that can be supplied as an argument to git checkout
. The default commit-ish
is master
.
About modules
A module is any file or directory in the node_modules
directory that can be loaded by the Node.js require()
function.
To be loaded by the Node.js require()
function, a module must be one of the following:
- A folder with a
package.json
file containing a"main"
field. - A JavaScript file.
Note:Since modules are not required to have a
package.json
file, not all modules are packages. Only modules that have a
package.json
file are also packages.
In the context of a Node program, the module
is also the thing that was loaded from a file. For example, in the following program:
var req = require('request')
we might say that "The variable req
refers to the request
module".
You can read about Packages and modules here
Role of npm in OpenSource
- Adapt packages of code for your apps, or incorporate packages as they are.
- Download standalone tools you can use right away.
- Run packages without downloading using npx.
- Share code with any npm user, anywhere.
- Restrict code to specific developers.
- Create organizations to coordinate package maintenance, coding, and developers.
- Form virtual teams by using organizations.
- Manage multiple versions of code and code dependencies.
- Update applications easily when underlying code is updated.
- Discover multiple ways to solve the same puzzle.
- Find other developers who are working on similar problems and projects.
Setting up npm in various operating system and linux distributions-:
Downloading and installing Node.js and npm
To publish and install packages to and from the public npm registry or your company's npm Enterprise registry, you must install Node.js and the npm command line interface using either a Node version manager or a Node installer. We strongly recommend using a Node version manager like nvm to install Node.js and npm. We do not recommend using a Node installer, since the Node installation process installs npm in a directory with local permissions and can cause permissions errors when you run npm packages globally.
Note: npm Enterprise requires npm 4.4.x or greater. To download the latest version of npm, on the command line, run the following command:
npm install -g npm
Overview
- Checking your version of npm and Node.js
To see if you already have Node.js and npm installed and check the installed version, run the following commands:
node -v
npm -v
- Using a Node version manager to install Node.js and npm
Node version managers allow you to install and switch between multiple versions of Node.js and npm on your system so you can test your applications on multiple versions of npm to ensure they work for users on different versions.
OSX or Linux Node version managers
Windows-node-version-managers
Using a Node installer to install Node.js and npm
If you are unable to use a Node version manager, you can use a Node installer to install both Node.js and npm on your system.
If you use Linux, we recommend that you use a NodeSource installer.
OS X or Windows Node installers
If you're using OS X or Windows, use one of the installers from the Node.js download page. Be sure to install the version labeled LTS. Other versions have not yet been tested with npm.
Linux or other operating systems Node installers
If you're using Linux or another operating system, use one of the following installers:
- NodeSource installer (recommended)
- One of the installers on the Node.js download page
Or see this page to install npm for Linux in the way many Linux developers prefer.
Less-common operating systems
For more information on installing Node.js on a variety of operating systems, see this page.
Basic commands used in npm
The most commonly used npm commands
After setting up node.js development environment, you need to know some basic commands of node package manager npm
. The followings are the most commonly used ones.
- Install package globally. Global packages are usually for executable commands.
$ npm install <package name> -g
# example
$ npm install express -g
# now we can use express to generate a new app
$ express new app
- Install package locally. Local packages are for the use of
require
in the app.
$ cd /path/to/the/project
$ npm install <package name>
# example
$ npm install express
# now you can use `var express = require( 'express' );` in your app
- Uninstall global package.
$ npm uninstall <package name> -g
# example
$ npm uninstall express -g
- Uninstall local package.
$ cd /path/to/the/project
$ npm uninstall <package name>
# example
$ npm uninstall express
- Search package.
$ npm search <package name>
# example
$ npm search express
- List global packages.
$ npm ls -g
- List global packages detail.
$ npm ls -gl
- List local packages.
$ cd /path/to/the/project
$ npm ls
- List local packages detail.
$ cd /path/to/the/project
$ npm ls -l
</pre></code>
- Update global packages.
$ npm update -g
- Update local packages.
$ cd /path/to/the/project
$ npm update
#### Using `package.json` to manage your app packages
With a `package.json` file in the root of your app dir, you don't need to manually install every package.
- Instead of doing
$ cd /path/to/the/project $ npm install mongoose $ npm install express $ npm install jade
- Create a `package.json` file in the root of your app dir
$ cd /path/to/the/project $ touch package.json
- package.json
{ "name": "your app name" , "version": "0.0.1" , "private": true , "dependencies": { "express": ">=2.5.0" , "jade": ">= 0.16.4" , "mongoose": ">=2.3.10" } }
- Then type in the following command all your packages will be installed.
$ npm install -l
## npm vs npx
<img src="https://media.geeksforgeeks.org/wp-content/uploads/20200205103253/Untitled-Diagram-1410.png" alt="npm vs npx"/>
| npm | npx |
| --- | --- |
| If you wish to run package through npm then you have to specify that package in your package.json and installed it locally. | A package can be executable without installing the package, it is an npm package runner so if any packages that aren’t already installed it will installed automatically. |
| To use create-react-app in npm the commands are npm install create-react-app then create-react-app myApp(Installation required). | But in npx you can use that without installing like npx create-react-app myApp, this command is required in every app’s life cycle only once. |
| Npm is a tool that use to install packages. | Npx is a tool that use to execute packages. |
| Packages used by npm are installed globally you have to care about pollution for the long term. | Packages used by npx are not installed globally so you have to carefree for the pollution for the long term. |
So this was all you need to know about npm and how is it useful in Opensource.
## HAPPY LEARNING 😎🙌
### References-:
- The images have been taken from these resources.[Image1](https://media.geeksforgeeks.org/wp-content/uploads/20200205103253/Untitled-Diagram-1410.png) [Image2](https://snyk.io/wp-content/uploads/Malicious-code-found-in-npm-package-event-stream-downloaded-8-million-times-in-the-past-2.5-months-.jpg)
- Official Documentation of [npm](https://docs.npmjs.com/).
- Links from official documentation of [npm](https://docs.npmjs.com/) have also been mentioned at places for the sake of making user experience easy.