Lately I’ve been wrestling with npm. Here are some rules I’ve learned:
Use `npm ci` rather than `npm install`
`npm ci` will bring down exactly the dependencies specified in package-lock.json. `npm install` does more than that; it also tries to update some libraries to a more recent version. Sometimes it updates URLs or nonsense in package.json so that it my `git status` is dirty. Sometimes it does deduping. Sometimes it sticks the version you have lying around. I haven’t figured it out. It seems to be pretty dependent on the current circumstances on my file system.
Now I only use `npm install` if I specifically want to change the dependencies in my filesystem.
Use `npm install –save-exact`
Especially for snapshots. Semver does not work for snapshots or branches or anything but releases. And npm only works with semver. If you are not using a release; if you publish with build tags or branch tags or anything like that; do not give npm any sort of flexibility. It will not work. Specify a precise version or else it will give you nasty surprises, like deciding some alphabetically-later branch is better than the master-branch version you specified.
Use `npm view` to check the status of a library
This is quite useful. Try `npm view ` and it brings to your command line the info you can get from the npm website. You can ask it for specific fields. To get the latest version of chalk:
$ npm view chalk dist-tags.latest
If you want to do anything programmatic with this info, the “do things right” flag for `npm view` is `–json`.
Try `npm ls` but then dig around on the filesystem
Exploring the dependency tree, `npm ls` is really cool; it shows it to you. You can see where you’re getting a specific library with `npm ls ` except that it doesn’t always work. In the end, I dig around in my node_modules directory, using `find -name .` to look for the real thing.
Other times I use my little node-dependency dungeon explorer game to see what version of stuff is where.
These are just a few of the nasty surprises I’ve found moving from Java to TypeScript, from maven dependencies to npm. Dependency management is an unsolved problem, and the people working on npm have made huge improvements in the last few years. I look forward to more.
14 thoughts on “Do Things Right with npm install”
Your blog so nice I appreciate you for the great job I want to share home decorating and designing website http://abbasmukeshinteriors.com/
The writes you are shared is really great, good information, keep sharing like this.web designing company in faridabad
Your selection of topic is very good and also well written. Thanks for sharing. I feel like all your ideas are incredible! Great job!!!Prestige Lake RidgeRohan Iksha Sobha HRC PristineSobha Palm CourtGoyal Orchid Whitefield
I'm eager to reveal this page. I have to thank you for ones time for this especially incredible read!! I unquestionably truly preferred all aspects of it and I additionally have you spared to fav to take a gander at new data in your site. Apple mac ipad
Really Great Article.web design in san joseWebsite design company in california
sheet metal manufacturer gurgaonAutomotive Sheet Metal Components in Gurgaonweb design services delhiwebsite design companies delhi
Really Good Blog, keep sharing.pediatric dentist clinic in san josepediatric dentist in san jose
Amazing post.longest rice in the worldbest basmati rice brand in australia
This blog is really great. The information here will surely be of some help to me. Thanks!. outdoor kitchen design ideas
I really appreciate you for your blog but i want to share one of the best website for grow your muscles and your weight we are offering you genuine steroids online http://roidsmania.com/
If more people that write articles really concerned themselves with writing great content like you, more readers would be interested in their writings. Thank you for caring about your content.professional web design services
Hello,Thanks for sharing informative article with us.. nice post…Advertising Agency in Hyderabad
Really amazing Article. Thank you.sheet metal industries faridabadsheet metal manufacturer Faridabad
New site is solid. A debt of gratitude is in order for the colossal exertion.
Comments are closed.