npm stands for pkgmakeinst as per the npm docs.
npm has a command-line client which is called npm CLI or just
npm. npm comes installed with the Node. npmjs is the site where npm packages can be browsed and searched.
Here we are going to see the npm commands in CLI to install, update and manage various packages from the npm registry.
There are a lot of npm commands for dealing with npm packages but our main focus will be on the commands related to consuming the packages not creating or publishing those.
Essential npm commands
To check the npm version
npm --version(or -v) // To see your npm version
npm init or npm init -y // To autocomplete the details
For installing packages
npm i --save(or -S) <package> // To save in dependencies list npm i --save-dev(or -D) <package> // To save in dev dependencies list // Shorthand commands for the above npm i <package> // By default packages get added to dependencies npm i -D <package> // To add to dev dependencies // To install a particular version of the package npm i <package>@5.1.1 // version as per the need, 5.1.1 is a sample version // To install all the packages from package.json npm install or npm i // To install global package accessible to all the projects npm install -g <package> or npm i -g <package>
For listing or checking packages
// From npm v7.x, list command by default lists only the installed package names, not their dependencies npm list(or ls or la or ll) // Lists all the packages installed in the current project npm list --all // Lists all the packages with dependencies in a tree structure // To list global packages just use -g flag npm list -g // Lists all globally installed packages npm list -g --all // Lista all global packages with dependencies // Shorthand for --all is -a // ls, la, ll are all aliases for list, any of those shorthands can be used
For updating packages
// For updating a single package(semver contraints will be respected) npm update <package> // Updates package to the latest version in the current project npm update -g <package> // Updates global project to the latest version // For updating all packages npm update // Updates all packages to their latest versions respecting their semver contraints npm update -g // Updates all global packages to their latest versions respecting semver contraints // Shorthand commands for the above npm up <package> npm up -g <package> npm up npm up -g // To check the outdated packages instead of directly updating npm outdated // Lists the outdated packages in the current project directory npm -g outdated // Lists the outdated global packages // To manually update any package to any version npm i <package>@version npm i -g <package>@version
Semver means semantic versioning. For the dependencies in the package.json, besides version number, a small hat(^) or tilde(~) is prefixed for some dependencies. It means those dependencies can be updated to the latest minor version when it is prefixed with (^) and to the latest patch version when it is prefixed with (~).
npm up command when updating such dependencies considers semver prefixes without breaking the project or that dependency.
There's a whole site dedicated for semver to learn more about it.
For uninstalling packages
npm uninstall <package> // To uninstall the current project package npm uninstall -g <package> // To uninstall the globally installed package // Shorthand commands for the above npm un <package> npm un -g <package>
For viewing package details
npm view <package> // Shows details about that particular package npm view -g <package> // To see details for the globally installed package // info, show, v are the aliases for view // To see particular version details use @version
For searching packages
npm search <keyword(s)> // List all the packages matching the keyword // s, se, find are the aliases for search
For auditing packages
npm audit // To scan project and list all the vulnerabilities without fixing anything npm audit --json // To audit and list the details in a JSON format npm audit fix // To scan the project for vulnerabilities and automatically install compatible updates to vulnerable dependencies npm audit --dry-run --json // To get an idea of what audit fix will do, and output the information in JSON format
npm ci // To do a clean install by removing the existing node_modules npm prune // To remove extraneous packages not listed on the parent package's dependencies list npm start // To run the scripts mentioned with start key in the package.json scripts npm run <command> // Any script/command listed in the scripts other than start npm test // To run the test script if there's any npx <command> // Used to run any command from npm package (from locally installed or remotely fetched)
Note that npm version 7.x is considered when listing all the above commands. Certain commands may differ with lower or higher major versions.