Let us install a module, underscore: https://www.npmjs.com/package/underscore to a folder.
Step 1: Install the npm module:
~$ npm install underscore
npm WARN saveError ENOENT: no such file or directory, open '/home/ubuntu/package.json'
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN enoent ENOENT: no such file or directory, open '/home/ubuntu/package.json'
npm WARN ubuntu No description
npm WARN ubuntu No repository field.
npm WARN ubuntu No README data
npm WARN ubuntu No license field.
+ underscore@1.9.1
added 1 package from 1 contributor and audited 1 package in 0.585s
found 0 vulnerabilities
~$
This has installed the latest version of underscore from npmjs.org. This module is available under node_modules folder.
Let us verify the installation at location:
~$ cd node_modules
~/node_modules$ ls -l
total 4
drwxr-xr-x 2 ubuntu ubuntu 4096 Sep 24 10:56 underscore
~/node_modules$
To use this module. Let us open the node REPL and type the following commands:
~/node_modules$ node
> var _ = require("underscore");
Expression assignment to _ now disabled.
undefined
> console.log(_.max([10,20,30,40]))
40
undefined
>
If you notice, at the time of installation of underscore - it has given us an error that package.json is not found. To solve this problem, let us setup package.json. We set it up using: npm init
~$ npm init
This utility will walk you through creating a package.json file.
It only covers the most common items, and tries to guess sensible defaults.
See `npm help json` for definitive documentation on these fields
and exactly what they do.
Use `npm install <pkg>` afterwards to install a package and
save it as a dependency in the package.json file.
Press ^C at any time to quit.
package name: (ubuntu)
version: (1.0.0)
description:
entry point: (index.js)
test command:
git repository:
keywords:
author:
license: (ISC)
About to write to /home/mhc/package.json:
{
"name": "ubuntu",
"version": "1.0.0",
"description": "",
"main": "index.js",
"dependencies": {},
"devDependencies": {},
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC"
}
Is this OK? (yes)
~$
Now, Let us reinstall underscore so that we can examine the contents of package.json:
Step: Clear contents of node_modules folder:
~$ cd node_modules/
~/node_modules$ ls -l
total 4
drwxr-xr-x 2 ubuntu ubuntu 4096 Sep 24 11:19 underscore
~/node_modules$ rm -rf *
Step: Install underscore:
~$ npm install underscore
npm WARN mhc@1.0.0 No description
npm WARN mhc@1.0.0 No repository field.
+ underscore@1.9.1
added 1 package from 1 contributor and audited 1 package in 0.537s
found 0 vulnerabilities
~$
Step: Examine package.json:
~$ more package.json
{
"name": "ubuntu",
"version": "1.0.0",
"description": "",
"main": "index.js",
"dependencies": {
"underscore": "^1.9.1"
},
"devDependencies": {},
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC"
}
~$
Whenever we run npm install , we can use the optional command line argument ( --save ). This will tell npm to store the information of what we installed into package.json file.
Now, if we perform the same steps using the --save option:
~$ npm install underscore --save
npm WARN mhc@1.0.0 No description
npm WARN mhc@1.0.0 No repository field.
+ underscore@1.9.1
added 1 package from 1 contributor and audited 1 package in 0.596s
found 0 vulnerabilities
~$ more package.json
{
"name": "ubuntu",
"version": "1.0.0",
"description": "",
"main": "index.js",
"dependencies": {
"underscore": "^1.9.1"
},
"devDependencies": {},
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC"
}
~$
Advantages of tracking dependencies this way:
- Simply by looking at package.json - we can know which published version of particular library we depend upon.
- When we are browsing through the source code of modules developed by others. We can come to know what they are depending upon.
- We can refresh the node_modules folder.
Clearing the stuff in node_modules folder and then recreating it:
~$ cd node_modules
~/node_modules$ ls -l
total 4
drwxr-xr-x 2 ubuntu ubuntu 4096 Sep 24 12:03 underscore
~/node_modules$ rm -rf *
~/node_modules$ cd ..
~$ npm install
npm WARN ubuntu@1.0.0 No description
npm WARN ubuntu@1.0.0 No repository field.
added 1 package from 1 contributor and audited 1 package in 0.473s
found 0 vulnerabilities
~$ cd node_modules/
~/node_modules$ ls -l
total 4
drwxr-xr-x 2 ubuntu ubuntu 4096 Sep 24 12:09 underscore
~/node_modules$
Having package.json file is a big advantage as we can ship the source code containing package.json without the contents in the node modules. At the client place, we can use npm install to setup the dependencies.