Understanding npm and package.json

npm = Node Package Manager. It's how you install and manage libraries.

Initialize a Project

```bash mkdir my-project cd my-project npm init -y ```

This creates package.json: ```json { "name": "my-project", "version": "1.0.0", "description": "", "main": "index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1" } } ```

Installing Packages

```bash # Install a package npm install express

Install as dev dependency npm install jest --save-dev # or npm install jest -D

Install globally npm install -g nodemon

Install specific version npm install lodash@4.17.21 ```

package.json Dependencies

```json { "dependencies": { "express": "^4.18.2" // Production }, "devDependencies": { "jest": "^29.7.0" // Development only } } ```

Version Numbers Explained

``` ^4.18.2 = Compatible with 4.x.x (minor updates OK) ~4.18.2 = Patch updates only (4.18.x) 4.18.2 = Exact version * = Any version (dangerous!) ```

Common npm Commands

```bash # Install all dependencies from package.json npm install

Update packages npm update

Remove package npm uninstall lodash

List installed packages npm list

Check outdated packages npm outdated

Run scripts npm run test npm start # shortcut for npm run start ```

npm Scripts

```json { "scripts": { "start": "node server.js", "dev": "nodemon server.js", "test": "jest", "build": "webpack --mode production" } } ```

Run with: `npm run dev`

package-lock.json

This file locks exact versions of all dependencies. **Always commit it!**

```bash # Ensures everyone gets same versions npm ci # Clean install using lock file ```

.npmrc Configuration

```bash # Create .npmrc in project root registry=https://registry.npmjs.org/ save-exact=true ```

Key Takeaway

npm manages your project dependencies through package.json. Use `npm install` to add packages, commit package-lock.json for reproducible builds, and define scripts for common tasks. It's the backbone of Node.js development.