npm is a package manager for Javascript and the Javascript runtime(Node). Often npm is considered as an acronym for Node Package Manager but in reality, it is not. pm in npm stands for pkgmakeinst as per the npm docs.
npm has a command-line client which is called npm CLI or just npm. npm comes installed with the Node. npmjs is the site where npm packages can be browsed and searched.
Here we are going to see the npm commands in CLI to install, update and manage various packages from the npm registry.
There are a lot of npm commands for dealing with npm packages but our main focus will be on the commands related to consuming the packages not creating or publishing those.
Essential npm commands
To check the npm version
npm --version(or -v) // To see your npm versionTo initialize
npm init
or
npm init -y // To autocomplete the detailsFor installing packages
npm i --save(or -S) <package> // To save in dependencies list
npm i --save-dev(or -D) <package> // To save in dev dependencies list
// Shorthand commands for the above
npm i <package> // By default packages get added to dependencies
npm i -D <package> // To add to dev dependencies
// To install a particular version of the package
npm i <package>@5.1.1 // version as per the need, 5.1.1 is a sample version
// To install all the packages from package.json
npm install
or
npm i
// To install global package accessible to all the projects
npm install -g <package>
or
npm i -g <package>For listing or checking packages
// From npm v7.x, list command by default lists only the installed package names, not their dependencies
npm list(or ls or la or ll) // Lists all the packages installed in the current project
npm list --all // Lists all the packages with dependencies in a tree structure
// To list global packages just use -g flag
npm list -g // Lists all globally installed packages
npm list -g --all // Lista all global packages with dependencies
// Shorthand for --all is -a
// ls, la, ll are all aliases for list, any of those shorthands can be usedFor updating packages
// For updating a single package(semver contraints will be respected)
npm update <package> // Updates package to the latest version in the current project
npm update -g <package> // Updates global project to the latest version
// For updating all packages
npm update // Updates all packages to their latest versions respecting their semver contraints
npm update -g // Updates all global packages to their latest versions respecting semver contraints
// Shorthand commands for the above
npm up <package>
npm up -g <package>
npm up
npm up -g
// To check the outdated packages instead of directly updating
npm outdated // Lists the outdated packages in the current project directory
npm -g outdated // Lists the outdated global packages
// To manually update any package to any version
npm i <package>@version
npm i -g <package>@versionSemver means semantic versioning. For the dependencies in the package.json, besides version number, a small hat(^) or tilde(~) is prefixed for some dependencies. It means those dependencies can be updated to the latest minor version when it is prefixed with (^) and to the latest patch version when it is prefixed with (~).
So npm up command when updating such dependencies considers semver prefixes without breaking the project or that dependency.
There's a whole site dedicated for semver to learn more about it.
For uninstalling packages
npm uninstall <package> // To uninstall the current project package
npm uninstall -g <package> // To uninstall the globally installed package
// Shorthand commands for the above
npm un <package>
npm un -g <package>For viewing package details
npm view <package> // Shows details about that particular package
npm view -g <package> // To see details for the globally installed package
// info, show, v are the aliases for view
// To see particular version details use @versionFor searching packages
npm search <keyword(s)> // List all the packages matching the keyword
// s, se, find are the aliases for searchFor auditing packages
npm audit // To scan project and list all the vulnerabilities without fixing anything
npm audit --json // To audit and list the details in a JSON format
npm audit fix // To scan the project for vulnerabilities and automatically install compatible updates to vulnerable dependencies
npm audit --dry-run --json // To get an idea of what audit fix will do, and output the information in JSON formatMiscellaneous commands
npm ci // To do a clean install by removing the existing node_modules
npm prune // To remove extraneous packages not listed on the parent package's dependencies list
npm start // To run the scripts mentioned with start key in the package.json scripts
npm run <command> // Any script/command listed in the scripts other than start
npm test // To run the test script if there's any
npx <command> // Used to run any command from npm package (from locally installed or remotely fetched)Note that npm version 7.x is considered when listing all the above commands. Certain commands may differ with lower or higher major versions.
So those are all the most essential npm commands every Javascript developer should know. A nice dedicated cheatsheet for the above commands will be released soon.
@dev_apt
