NPM — Have you really got it?

NPM is the package management tool for the JavaScript world and is the default package management tool for the Node.js platform. NPM allows you to install, share, distribute code, and manage project dependencies.

The problem

  • NPM install NMP init… ?
  • Are you still struggling to install –save-dev — save-s-d?
  • Are you still using CNPM or NPM config set Registry — to modify the source?
  • How do you debug NPM packages locally?
  • Why does NPM install now generate package_lock.json?
  • Do you know what the generated package.json is?
  • .

start

Before we begin, if you know all the above questions clearly, this article will not make much sense to you. If there is still ambiguity in some areas, take a look with me at what NPM is selling.

How to develop an NPM package?

If we have a feature that we’re going to use a lot we’re going to pull it out and call it; If this functionality is invoked multiple times throughout team development (e.g. utility class methods, Modal layer components), we pull it out into common components for team members to use; For more people to use, we can publish it as an NPM package to a remote repository.

Initialize a package

npm init

Generate a package.json file in the development directory that contains the installation package information for other developers to use. But directly NPM init we need to follow the command line prompts step by step to complete the basic information; How to skip it?Copy the code

** Install the kit we need **

** npm init -f(force) / npm init -y(yes)**

In this case, the information is skipped and package.json is generated locally. We'll talk more about package.json later.Copy the code

npm install < packageName >

Installation module; NPM install will go directly to install package. The json file dependencies/devDependencies rely on nodes. -g-golbal --save -d... -g-golbal --save -d... These will be explained in detail belowCopy the code
  • –save-dev / -D
Install the development environment dependencies under the devDependencies node in the package.json file. Ex: NPM install --save-dev glup - NPM I -d glupCopy the code
  • –save / -S
Install production environment dependencies under dependencies in the package.json file. Ex: NPM install --save axios - NPM i-s axiosCopy the code
  • ** –save-exact**
Install dependencies for the exact version of the production environment in the Dependencies section of the package.json file. The package version number in the dependencies node does not have a ~ symbol in front of it. Ex: NPM install --save-exact jqueryCopy the code
  • -g / -golbal
Represents a global installation dependency. If the dependency is not installed with -g/-golbal. The dependency is installed directly into the node_module of the working directory. Otherwise, dependencies will be installed in the global node_module. The global installation path depends on the local system, but you can also use NPM configsetPrefix <path> to set.Copy the code

Resolve the problem of slow installation dependency

When we started to use NPM I to install the package, due to various reasons, the installation took too long and even failed. This is something we cannot tolerate. The online solution is to install the CNPM modification source to fix the problem. Is there a better way?

  • Online Solutions
NPM install CNPM - g - registry=https://registry.npm.taobao.org ok! We can happily install with CNPM. npmsetRegistry https://registry.npm.taobao.org/ ok! Modify the NPM source directly so that we can use NPM.Copy the code

Because some companies will deploy NPM warehouse internally for security and stability, we have to switch to Taobao source for development at home, and then to the source of the company. This three or five times will be very annoying.

  • A better way

Install NRM (NRM is a registry dedicated to managing and quickly switching private configurations)

NPM install NRM -g -s Install NRM globallyCopy the code
NRM ls view View the default configuration with * is the source we currently useCopy the code
To check the current source, run the following command: NRM use CNPM Switch between different sourcesCopy the code
If your company's source is http://registry.xxx.org NRM add company http://registry.xxx.org add company's source NRM ls to check whether it is added successfully. If the NRM is successful, one more company's source NRM will use company. If the NRM is switched to the company's source NRM, del Company will be removedCopy the code

There is a good introduction to NRM usage

A collection of manipulation techniques for dependent packages

npm uninstall < packageName >

Uninstall the module. Uninstall the dependency packages of the working directory; Ex: NPM uninstall jquery (-g / --save-dev / --save) -g: uninstall the dependencies of the global installation --save-dev: uninstall the dependencies of the working directory; Json < span style = "box-sizing: border-box; color: RGB (51, 51, 51); Also delete the information for devDependencies in package.jsonCopy the code

npm update < packageName >

Update dependency packages. Ex: NPM Update Express (-g) -g: updates the global environmentCopy the code

npm root < packageName >

View the installation path of dependency packages. Ex: NPM root Express (-g) -g: indicates the installation address of dependent packages in the global environmentCopy the code

npm list < packageName >

View all installed dependency packages. Ex: NPM list NPM ls (-g) -g: query the dependency packages of the global environment.Copy the code

npm outdated < packageName >

View expired dependency packages. Ex: NPM outdated (-g/PKG) -g: View global dependencies. PKG: View the corresponding PKG. Note: It is recommended to use nPM-check, a more powerful tool for checking dependencies, for more powerful analysis of packages and for providing interactive updates by adding parameters. Please refer to its documentation for detailsCopy the code

npm prune < packageName >

Delete unused dependency packages. Ex: NPM prune (PKG) PKG: Deletes the PKG.Copy the code

Locking installation dependencies

npm config set save-prefix="flag"Flag: Optional (~, ^) or NPM configset save-exact trueNPM install -eCopy the code

npm home < packageName >

Run the home command to open the home page of this package. This package can be opened regardless of whether it is installed globally on your machine, or even if it does not exist in your current project. ex: npm home expressCopy the code

**npm repo < packageName > **

How to open the Github repository address for package. This package can be opened regardless of whether it is installed globally on your machine, or even if it does not exist in your current project.Copy the code

**npm shrinkwrap **

Using the shrinkwrap command generates an NPm-shrinkwrap. Json file in your current project. It locks dependencies referenced in the current package.json, and the next time NPM install is executed, it actually installs the locked dependencies in shrinkwrap. Note: NPM generates package-locke. json by default in version 5.0.0+, which means you don't need NPM shrinkwrap nowCopy the code

Package-lock. json is designed to let developers know that as long as you save the source file to a new machine or a new download source, you can ensure that all the libraries are exactly the same as the last time you installed them by downloading the dependent library packages according to the specific version indicated in package-lock.json.

Here’s a good package_lock.json q&A at —-

Dependency package debugging techniques

npm link

Suppose unit (development dependencies); How do we debug unit to make it work before we release it? Link the unit dependency package globally, then link it to the local node_modules in the project you want to debug. Ex: $Go to the module directory and link it to the global directory
$ cd path/to/my-utils
$ npm link
$
$ # Go to the project directory via the package name to link
$ cd path/to/my-project
$ npm link my-utils
Copy the code

Here is a good introduction to link usage

package.json

{
  "name": "normalize.css"."version": "3.0.3"."description": "Normalize.css as a node packaged module"."style": "normalize.css"."files": [
    "LICENSE.md"."normalize.css"]."homepage": "http://necolas.github.io/normalize.css"."repository": {
    "type": "git"."url": "git://github.com/necolas/normalize.css.git"
  },
  "main": "normalize.css"."author": {
    "name": "Nicolas Gallagher"
  },
  "license": "MIT"."gitHead": "2bdda84272650aedfb45d8abe11a6d177933a803"."bugs": {
    "url": "https://github.com/necolas/normalize.css/issues"
  },
  "_id": "[email protected]"."scripts": {
      "start": "node index.js"
  },
   "dependencies": {
    "express": "latest"."mongoose": "~ 3.8.3"."handlebars-runtime": "~ 1.0.12"."express3-handlebars": "~ 0.5.0"."MD5": "~ 1.2.0"
  },
  "devDependencies": {
    "bower": "~ 1.2.8"."grunt": "~ 0.4.1"."grunt-contrib-concat": "~ 0.3.0"."grunt-contrib-jshint": "~ 0.7.2"."grunt-contrib-uglify": "~ 0.2.7"."grunt-contrib-clean": "~ 0.5.0"."browserify": "2.36.1"."grunt-browserify": "~ 1.3.0",}"_shasum": "acc00262e235a2caa91363a2e5e3bfa4f8ad05c6"."_from": "[email protected]"."_npmVersion": "2.7.0"."_nodeVersion": "0.10.35"."_npmUser": {
    "name": "necolas"."email": "[email protected]"
  },
  "maintainers": [{"name": "tjholowaychuk"."email": "[email protected]"
    },
    {
      "name": "necolas"."email": "[email protected]"}]."bin" : { "myapp" : "./cli.js" }
  "dist": {
  "shasum": "acc00262e235a2caa91363a2e5e3bfa4f8ad05c6"."tarball": "https://registry.npmjs.org/normalize.css/-/normalize.css-3.0.3.tgz"
  },
  "directories": {},
  "_resolved": "https://registry.npmjs.org/normalize.css/-/normalize.css-3.0.3.tgz"."readme": "ERROR: No README data found!"
}
Copy the code

Name – Packet name version – Packet version number Description – The description of the packet. Homepage – The official URL of this package. Author – the author of the packet, whose value is your valid account name on the https://npmjs.org website, following the “account name < mail >” rules, and the other contributors to the packet. Dependencies/devDependencies – List of production/development environment dependencies (-s -d installs into this directory). They will be installed in the node_module directory. Repository – The package code’s Repo information, including type and URL. Type can be git or SVN, and URL is the package’s Repo address. The main-main field specifies the program’s main entry file, which requires (‘moduleName’) loads. The default value for this field is index.js under the module root. Keywords – Keywords

  • bin

Many packages have one or more executables that you want to install to the system path. It’s very easy to do this under NPM (in fact, that’s how NPM works). This requires providing a bin field in your package.json, which is a mapping between the command name and the local file name. At installation time, NPM will use symbolic links to link these files to prefix/bin if it is a global installation or./node_modules/.bin/ if it is a local installation.

Such as: bin": {"myapp":"./cli.js"}Copy the code

This way, when you install myapp, NPM creates a symbolic link from the cli.js file to /usr/local/bin/myapp (this allows you to execute myapp directly from the command line).

  • Mongoose “:” ~ 3.8.3

The full version number of an NPM module is usually major. Minor. Patch.

3.8.3: Current version >3.8.3: must be greater than 3.8.3 <3.8.3: Must be smaller than 3.8 to 3.8.3: matches the latest version 3.8.x. 3.9.0 ^3.8.3: will match the latest version of 3.x.x; 4.0.0 will not be automatically upgradedCopy the code

There is a good introduction to package.json