Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

How to manage the packages in Node.js project ?

  • Last Updated : 31 Oct, 2021

Node.js is an open-source, cross-platform, back-end JavaScript runtime environment built on the V8 engine and executes the JavaScript code outside the browser. When working on a project in Node.js, you may write code to achieve a specific functionality or to solve a particular problem. There are some bits of code that can be reused in similar situations.

Modules are the blocks of reusable code consisting of Javascript functions and objects which communicate with external applications based on functionality. A package is often confused with modules, but it is simply a collection of modules (libraries). Let’s say you’re trying to design a car. You could try making every single part of the car yourself, from mining the metal to melting the casting and all the other processes. However, this would take a lot of your time and be rather expensive. We will instead purchase pre-built parts and assemble them into a working car.   Likewise, you can integrate reusable code from another developer in your project, as per your requirements. Let’s look at how you can use packages created by another developer and manage them. It all starts with NPM.

NPM stands for Node Package Manager. It is a package manager for the Node JavaScript platform, and it consists of an online database of packages called npm registry that allows Open-Source developers all over the world to publish and share their code.

There are three basic components of NPM:

  • You can find packages from third parties on the website, set up profiles, and manage them.
  • NPM CLI is a command-line interface that lets you interact with NPM from a terminal.
  • Registry – the center of Javascript code sharing.

npm packages

Developer A can share code on the NPM registry, which can be reused by developers B, C, and D by installing the appropriate packages.  

1. You can now rely on pre-built code that other people have written. For that, you must have NPM installed on your device. The NPM package comes bundled with Node.js. To integrate NPM, download Node.js. Once you have downloaded the Node.js runtime environment, you can head over to the terminal .

Check the current NPM version on your system.

npm -v

The installed version of npm is 6.14.15

2. By using npm, you can install new packages from the registry. You may need more than one package for your project. In our root project, we have a package.json file that keeps track of all the installed packages. package.json contains important metadata relevant to the project and also defines functional attributes of a project that npm uses to install dependencies, run scripts, and identify the entry point to our package.

To create the package.json file, you go to the root directory of the project and execute the following command:

npm init

When you run the npm init command, you will be prompted for information about your project, such as:

  • Package name
  • Version
  • Test command
  • Git repository
  • Keywords
  • Author
  • License

After running the command and entering all the information about the project

You can use the default values by running :

npm init --y

By running the above command , you can skip entering the information . 

Later, you can modify the default values in the package.json.

3. Now let’s integrate some packages. You can install npm packages on your system both locally and globally.

Locally: Install the package in the project folder that is only accessible from that folder by running the following command :



npm install <package_name>
for example : npm install express

Installing express framework 

Express is a node.js framework that provides server side logic for web applications

Globally:The package functions can be accessed from any directory. To install the package globally, run the following command .

npm install <package_name> --g
for example :  npm install nodemon --g

Installing nodemon package globally 

nodemon automatically restarts node.js applications when changes are detected in the files. 

4. In some cases, you may want to install a package that only runs on the development environment. For that run the following command.

npm install <package_name> --save-dev
for example : npm install lodash --save-dev

installing lodash 

lodash is a Javascript library that offers utility functions for programming to make it easier and more efficient. In addition to the metadata , the package.json file contains the dependencies , which are the packages installed in your application. It is a set of functions on which your project depends. After installing a package, you will notice that a package-lock.json file and node _modules folder has been created.

node_modules folder and package-lock.json file are created. 

5. The NPM stores all the packages in the node_modules folder. Along with the package you installed, you can also see a bunch of other files. Installing packages to use other people’s code makes your project dependent on that package. Those packages in turn use other package’s code. These are the folders on which your package depends. Thus, the node_modules folder is considered the densest object in the universe.  

To see all the installed packages as a dependency tree , run the npm list.

npm list

npm list shows the installed packages as a dependency tree .

6. To see packages that you have installed , run the following command :

npm list --depth=0

express and lodash are installed . 

To understand the package-lock.json file, let us first see how npm uses semantic versioning. Every time you install a package, you get the most recent public release. In the dependencies section of package.json, you will find that each package has been installed as a key: value pair (“package”: “*1.0.0”) with the package name followed by the version number. Packages are created by different authors and depend on one another. However, they are updated independently, which can lead to conflicts and errors. So, the NPM packages follow semantic versioning, which is a system of numbering software versions with each number containing three digits separated by dots to indicate the major, minor, and patch versions.

In the Major version, you make major and incompatible API changes. In minor versions, you add functionality in a backward-compatible manner, while the patch version includes all the bug fixes. By default, the package version is prefixed with a ^ (caret) character, which instructs NPM how to handle the next package update. It will allow patch and minor updates for versions.

To install a specific version of a package run:

npm install [package-name]@[version-number]
for example : npm install brcypt@5.0.1

Installing brcypt ( npm package for encryption) 5.0.1 version 


My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!