NPM

NPM #

Updating NPM dependencies #

  • Use npm outdated to discover dependencies that are out of date
  • Use npm update --save to perform safe dependency upgrades
  • Use npm update <packagename> to perform safe dependency upgrade of a specific package
  • Use npm update <packagename> -ws to perform safe dependency upgrade of a specific package in all workspaces where this package is installed
  • Use npm install <packagename>@latest to upgrade to the latest major version of a package
  • Use npm install <packagename>@^14 to upgrade to the latest update of a specific version
  • Use npx npm-check-updates -u and npm install to upgrade all dependencies to their latest major versions
  • Ref: https://www.carlrippon.com/upgrading-npm-dependencies/

NPM Update CLI utility #

Usage #

  • npx npm-check-updates -ws -i - Interactive mode across all workspaces
  • npx npm-check-updates -ws -i --target semver - Interactive mode across all workspaces targeting only safe versions
  • npx npm-check-updates -w <ws1> -w <ws2> -i - Interactive mode across workspace ws1 and ws2

Remove unused dependencies from node_modules #

  • Run npm prune to remove modules not listed in package.json.

Which dependencies does “npm install” installs ? #

  • If package-lock.json is present, then the specific version package-lock.json are installed
  • If package-lock.json is not present, then “npm install” respects the semver in package.json file

Package.json semver versioning #

semver wanted notes
~1.2.3 >=1.2.3 <1.3.0
^1.2.3 >=1.2.3 <2.0.0
^0.2.3 >=0.2.3 <0.3.0 (0.x.x is special)
^0.0.1 =0.0.1 (0.0.x is special)
^1.2 is >=1.2.0 <2.0.0 (like ^1.2.0)
~1.2 is >=1.2.0 <1.3.0 (like ~1.2.0)
^1 >=1.0.0 <2.0.0
~1 >=1.0.0 <2.0.0
1.x >=1.0.0 <2.0.0
1.* >=1.0.0 <2.0.0
1 is >=1.0.0 <2.0.0
* any version
x any version

Npm commands throw “Unexpected token ‘.’” error when using nvm #

  • Most probably you installed a node version using nvm without administrator privileges. From admin command line, uninstall the node version using nvm and install it again
  • If that doesn’t work, install the latest version of nvm

Run npm scripts even if one fails #

From https://stackoverflow.com/questions/62343768/how-to-continue-running-scripts-defined-in-package-json-in-case-one-fails

  • On windows (tested)
  • Instead of node test1 && node test2 use node test1 & node test2
  • On linux (not tested) If you’re running *nix and the default shell is sh
    Then change your test script in package.json to the following:
    “test”: “npm run test:v1; npm run test:v2”
    Note the double ampersand (&&) has been replace with a single semi-colon (;).

Cross-platform commands in npm scripts #

use the shx module

Npm link is used to create symbolink links in node_modules to a package in a different folder, it seems that is only good for development

Cannot debug npm scripts in webstorm #

Change the package manager in debug configuration to “C:\Program Files\nodejs\node_modules\npm” folder

Find all unused dependencies #

Run the following command npx depcheck

To publish a patch to a previous major release #

  • Checkout the previous release
  • Update version in package.json
  • Publish the previous version using a tag
    • npm publish --tag tag-for-publishing-older-releases
    • Note that tag-for-publishing-older-releases is a literal, DO NOT replace it for any previous version number. It’s used only so that npm will not update the @latest tag

Publish package workflow #

  • Commit all your changes (DO NOT change the version in package.json)
  • Run npm version patch|minor|major. This will update the version property in package json, commit and a TAG in repo for the version number
  • Run npm publish

How to publish a beta release of a package #

  • Commit all your changes (DO NOT change the version in package.json)
  • Run npm version 3.0.0-beta.0. This will update the version property in package json, commit and a TAG in repo for the version number. Note that this is a valid semver numbering and is part of the semver SPEC
  • Run npm publish --tag beta
    • Note that the tag beta doesn’t have anything to do with the version number package json.
  • For consumers to use the beta package
    • npm i your-package@beta
    • This instructs npm to get the latest version of the package with @beta tag

Npm set registry to default #

npm config set registry https://registry.npmjs.org/