This comprehensive guide walks you through installing npm and mastering its command-line interface. We'll cover installing packages locally and globally, managing dependencies, and ensuring your project's security.
Node.js empowers server-side JavaScript development, built on the V8 JavaScript engine and written in C for speed. Initially designed for server applications, its use expanded to local task automation, spawning a rich ecosystem of tools (Grunt, Gulp, webpack) that revolutionized front-end development. npm is the key to managing these tools (or packages) within Node.js, simplifying installation and management.
This tutorial covers fundamental npm operations: local and global package installation, deletion, updating, version-specific installation, and dependency management using package.json. For a visual learning experience, consider SitePoint Premium's free screencast: "What is npm and How Can I Use It?"
Before using npm, you must install Node.js.
Key Concepts:
-
Installation: npm is bundled with Node.js; download from the official site, verify installation using
npm --version. -
Global vs. Local: Install packages globally (system-wide) or locally (per project), typically managed via
package.json. - Updating npm: Regularly update npm for new features and improvements; OS-specific update commands apply.
-
Dependency Management:
package.jsonefficiently handles project dependencies, ensuring consistent setups across environments usingpackage-lock.json. -
Security: Use
npm auditto detect vulnerabilities in project dependencies and apply recommended fixes. - npx: Execute npm packages without global installation, simplifying testing of new tools.
Installing npm with Node.js:
Download Node.js from the official Node.js download page. Installers are available for Windows and macOS, along with pre-compiled Linux binaries and source code. Linux users can also install via their package manager.
This tutorial uses a recent Long Term Support (LTS) version of Node.js. Consider using a Node version manager for easier version control.
Verify the installation:
which node node --version node //enter Node's REPL
Confirm npm installation:
which npm npm --version
Updating npm:
Update npm to the latest version (commands may vary slightly by OS):
Linux/macOS:
npm install -g npm@latest
Windows: Use the npm-windows-upgrade tool (requires elevated PowerShell):
which node node --version node //enter Node's REPL
Node Packaged Modules (Local vs. Global):
npm installs packages locally (in node_modules within your project) or globally (system-wide). Avoid global installations in system directories due to potential permission issues; instead, configure a user-specific global location.
Changing the Global npm Package Location:
- Create a directory:
mkdir ~/.node_modules_global - Configure npm:
npm config set prefix=$HOME/.node_modules_global - Reinstall npm:
npm install npm@latest -g - Update PATH: Add
export PATH="$HOME/.node_modules_global/bin:$PATH"to your shell's configuration file (.bashrc,.zshrc, etc.) and restart your terminal.
Installing Packages (Global Mode):
Install a package globally (e.g., UglifyJS):
which npm npm --version
List globally installed packages:
npm install -g npm@latest
Installing Packages (Local Mode):
- Create a project directory and initialize
package.json:npm init -y - Install a local package (e.g., Underscore):
npm install underscore
This adds the package to package.json's dependencies section and creates a package-lock.json file.
Managing Dependencies with package.json:
package.json lists project dependencies, ensuring consistent setups across environments. The package-lock.json file guarantees exact dependency versions.
Uninstalling Local Packages:
Uninstall a package: npm uninstall underscore
Installing Specific Package Versions:
Install a specific version: npm install underscore@1.9.1
Updating Packages:
Check for updates: npm outdated
Update a package: npm update underscore (or npm update for all outdated packages)
Searching for Packages:
Search for packages: npm search mkdir
Re-installing Project Dependencies:
Remove node_modules and reinstall: rm -rf node_modules && npm install
Managing npm's Cache:
Clear the cache: npm cache clean --force
Using npm audit for Security:
Scan for vulnerabilities: npm audit
Fix vulnerabilities: npm audit fix (or npm audit fix --force to allow breaking changes)
npm Aliases:
-
npm i:npm install -
npm un:npm uninstall -
npm up:npm update -
npm ls:npm list
Executing Packages with npx:
Execute packages without global installation: npx http-server
Conclusion:
This guide provides a solid foundation for using npm. Explore further by comparing npm and Yarn, using Node Version Manager (nvm), hosting private npm packages, or learning about Deno's package management. npm's expanding role in front-end development makes it an essential tool for modern JavaScript developers.
FAQs (Included in original text): The FAQs section from the original text is already comprehensive and well-written; no changes are needed.
The above is the detailed content of How to Install npm, Master npm Commands & Use Packages. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1794
16
1740
56
1590
29
1469
72
267
587
Why should you place tags at the bottom of the ?
Jul 02, 2025 am 01:22 AM
PlacingtagsatthebottomofablogpostorwebpageservespracticalpurposesforSEO,userexperience,anddesign.1.IthelpswithSEObyallowingsearchenginestoaccesskeyword-relevanttagswithoutclutteringthemaincontent.2.Itimprovesuserexperiencebykeepingthefocusonthearticl
How to work with dates and times in js?
Jul 01, 2025 am 01:27 AM
The following points should be noted when processing dates and time in JavaScript: 1. There are many ways to create Date objects. It is recommended to use ISO format strings to ensure compatibility; 2. Get and set time information can be obtained and set methods, and note that the month starts from 0; 3. Manually formatting dates requires strings, and third-party libraries can also be used; 4. It is recommended to use libraries that support time zones, such as Luxon. Mastering these key points can effectively avoid common mistakes.
What is event bubbling and capturing in the DOM?
Jul 02, 2025 am 01:19 AM
Event capture and bubble are two stages of event propagation in DOM. Capture is from the top layer to the target element, and bubble is from the target element to the top layer. 1. Event capture is implemented by setting the useCapture parameter of addEventListener to true; 2. Event bubble is the default behavior, useCapture is set to false or omitted; 3. Event propagation can be used to prevent event propagation; 4. Event bubbling supports event delegation to improve dynamic content processing efficiency; 5. Capture can be used to intercept events in advance, such as logging or error processing. Understanding these two phases helps to accurately control the timing and how JavaScript responds to user operations.
How to make an HTTP request in Node.js?
Jul 13, 2025 am 02:18 AM
There are three common ways to initiate HTTP requests in Node.js: use built-in modules, axios, and node-fetch. 1. Use the built-in http/https module without dependencies, which is suitable for basic scenarios, but requires manual processing of data stitching and error monitoring, such as using https.get() to obtain data or send POST requests through .write(); 2.axios is a third-party library based on Promise. It has concise syntax and powerful functions, supports async/await, automatic JSON conversion, interceptor, etc. It is recommended to simplify asynchronous request operations; 3.node-fetch provides a style similar to browser fetch, based on Promise and simple syntax
How does garbage collection work in JavaScript?
Jul 04, 2025 am 12:42 AM
JavaScript's garbage collection mechanism automatically manages memory through a tag-clearing algorithm to reduce the risk of memory leakage. The engine traverses and marks the active object from the root object, and unmarked is treated as garbage and cleared. For example, when the object is no longer referenced (such as setting the variable to null), it will be released in the next round of recycling. Common causes of memory leaks include: ① Uncleared timers or event listeners; ② References to external variables in closures; ③ Global variables continue to hold a large amount of data. The V8 engine optimizes recycling efficiency through strategies such as generational recycling, incremental marking, parallel/concurrent recycling, and reduces the main thread blocking time. During development, unnecessary global references should be avoided and object associations should be promptly decorated to improve performance and stability.
A definitive JS roundup on JavaScript modules: ES Modules vs CommonJS
Jul 02, 2025 am 01:28 AM
The main difference between ES module and CommonJS is the loading method and usage scenario. 1.CommonJS is synchronously loaded, suitable for Node.js server-side environment; 2.ES module is asynchronously loaded, suitable for network environments such as browsers; 3. Syntax, ES module uses import/export and must be located in the top-level scope, while CommonJS uses require/module.exports, which can be called dynamically at runtime; 4.CommonJS is widely used in old versions of Node.js and libraries that rely on it such as Express, while ES modules are suitable for modern front-end frameworks and Node.jsv14; 5. Although it can be mixed, it can easily cause problems.
var vs let vs const: a quick JS roundup explainer
Jul 02, 2025 am 01:18 AM
The difference between var, let and const is scope, promotion and repeated declarations. 1.var is the function scope, with variable promotion, allowing repeated declarations; 2.let is the block-level scope, with temporary dead zones, and repeated declarations are not allowed; 3.const is also the block-level scope, and must be assigned immediately, and cannot be reassigned, but the internal value of the reference type can be modified. Use const first, use let when changing variables, and avoid using var.
Why is DOM manipulation slow and how can it be optimized?
Jul 01, 2025 am 01:28 AM
The main reasons for slow operation of DOM are the high cost of rearrangement and redrawing and low access efficiency. Optimization methods include: 1. Reduce the number of accesses and cache read values; 2. Batch read and write operations; 3. Merge and modify, use document fragments or hidden elements; 4. Avoid layout jitter and centrally handle read and write; 5. Use framework or requestAnimationFrame asynchronous update.
