10 Tips and Tricks That Will Make You an npm Ninja

Share this article

Shuriken embedded in a scroll
Shuriken embedded in a scroll

This article was peer reviewed by Vildan Sortic, Matt Burnett and Tom Greco. Thanks to all of SitePoint’s peer reviewers for making SitePoint content the best it can be!

While there is much excitement about Facebook’s new Yarn project, the continuing success of Node.js owes much to its original package manager, npm.

A few simple npm commands is all it takes to initialize a folder (npm init), download packages (npm install) and create tests (npm test) and custom scripts (npm run) for use in your project. Few delve further but there are several npm tips and tricks which can revolutionize your daily development tasks.

Note: if you need a primer on npm, check out our beginners guide. If you’re confused as to the difference between npm and Yarn, see our post: Yarn vs npm: Everything You Need to Know.

1. Getting Help!

The npm online help and CLI Command documentation is excellent but switching to and from your browser is not always convenient. A quick reminder of all options is available from the command line:

npm help

Help for specific npm commands can also be displayed:

npm help <command>

for example, npm help install.

Or you can view a quick command parameter reference:

npm <command> -h

2. npm Command Autocomplete

npm offers command auto-completion for systems using bash (including Bash for Windows 10):

npm completion >> ~/.bashrc

or Z shell:

npm completion >> ~/.zshrc

Reload the shell configuration file, e.g.

source ~/.bashrc

Now type npm ins and hit TAB and install will appear. You need never waste time typing in full ever again!

3. Fixing Global Module Permissions

Linux-like systems can throw permission errors when you attempt to install global packages. You can prepend sudo to any npm command but that’s a dangerous option. A better solution is to change npm’s default directory to one you own:

mkdir ~/.npm-global
npm config set prefix '~/.npm-global'

Add the following line to ~/.bashrc or ~/.zshrc as appropriate using your text editor of choice:

export PATH="$HOME/.npm-global/bin:$PATH"

Reload the shell configuration file (source ~/.bashrc) then reinstall npm itself to the new user-owned location:

npm install -g npm

This will also update npm to the latest version.

4. Keeping npm Updated

You can reveal the npm version number:

npm -v

and update if required using:

npm install -g npm

You may also need to rebuild C++ addons when a new major version of Node is released:

npm rebuild

Taking this further, if you need to manage updates for multiple versions of Node.js and npm, consider options such as nvm and n. We’ve got a tutorial on that, too: Quick Tip: Install Multiple Versions of Node.js using nvm

5. Defining npm init Defaults

New project folders are initialized with npm init. This prompts you for further details about your project and creates an initial package.json file.

If you’re fed up of retyping the same information every time you start a new project, you can accept a bunch of defaults using the -y flag:

npm init -y

Or, you can set some sensible defaults for npm to use:

npm config set init.author.name <name>
npm config set init.author.email <email>

6. Sophisticated Package Search

At the time of writing there are more than 350,000 packages available on npm with more appearing daily. While many are great, you probably want to avoid less popular, buggy or discontinued packages. Searching at npmjs.com and GitHub is practical but there are other options…

npms

npms ranks packages to provide an overall quality score based on the project version, the number of downloads, the latest update date, the commit frequency, testing coverage, documentation, the number of contributors, issues, stars, forks and even the author’s standing in the community.

npm Discover

npm Discover locates packages which are commonly used with others, e.g. body-parser with Express.

Packages by PageRank

Packages by PageRank searches and sorts npm packages by their associated Google ranking.

Curated npm Lists

Alternatively, leverage someone else’s search success. I often refer to Awesome Node.js from sindresorhus when looking for a robust solution.

7. Managing Your Packages

You’ve chosen your packages and installed the dependencies. Let’s list what we have:

npm list

(ls, la and ll can be used as aliases for list).

The list shows everything: packages, sub-packages, sub-packages of sub-packages etc. Limit the output to top-level-only packages using:

npm list --depth=0

A package homepage can be opened with:

npm home <package>

This only works if your system can open a browser – it will fail on OS Server editions. Similarly, you can open a package’s GitHub repository:

npm repo <package>

or its documentation:

npm docs <package>

or the current list of bugs:

npm bugs <package>

npm list reports when you have extraneous packages installed — those which are no longer referenced in your package.json file. You can npm uninstall each separately or remove them all with:

npm prune

If you add the --production flag or have the NODE_ENV environment variable set to production, packages specified as devDependencies in package.json will also be removed.

8. Locking-Down Dependencies

By default, npm references package version numbers with the caret (^) character when installing a package with --save or --save-dev. This pins the package to its major version number. For example, ^1.5.1 permits anything from that version up to but NOT including 2.0.0 to be installed when npm update is run.

The more conservative tilde (~) character pins the package to the minor version. For example, ~1.5.1 permits anything from that version up to but not including 1.6.0 to be installed when npm update is run. The tilde prefix can be set as the default with:

npm config set save-prefix="~"

For those who are paranoid about any updates which could break your system, you can configure npm to use exact version numbers only:

npm config set save-exact true

Alternatively, you can shrinkwrap your project using:

npm shrinkwrap

This generates an npm-shrinkwrap.json file containing the specific versions of the dependencies you’re using. This file is used by default and will override package.json when running npm install.

9. Finding Outdated Modules

How do you know when a dependency has been updated? The process I used for many months was to list my dependencies (npm list --depth=0), search for the package on npmjs.com and manually check which version numbers had changed. Hours of fun. Fortunately, there’s a significantly easier option:

npm outdated

Or npm outdated -g for global packages such as npm itself.

You can also view the current version of an individual package:

npm list <package>

and examine the current and historical versions:

npm view <package> versions

npm view <package> displays all information about an individual package including its dependencies, keywords, update dates, contributors, repository, licence, etc.

10. Using Development Packages

When developing packages you often want to try them in other projects or run them from any directory (if your application supports it). There’s no need to publish the package to the npm registry and install globally – just use:

npm link

from the package folder. This creates a symlink in the global folder for that package. You will see the reference when using:

npm list -g --depth=0

or

npm outdated -g

You can now run package from the command line or include it in any project with require.

Alternatively, you also can declare dependencies by filepath in package.json, e.g.

"dependencies": {
  "myproject": "file:../myproject/"
}

So those are some of my favorite npm tricks but have I missed one of yours? Comments are welcome…

Frequently Asked Questions (FAQs) about npm Tips and Tricks

How can I update npm to the latest version?

Updating npm to the latest version is a straightforward process. First, you need to open your terminal or command prompt. Then, type the following command: npm install -g npm@latest. This command tells npm to globally install the latest version of npm. Once the process is complete, you can verify the update by typing npm -v in the terminal. This will display the current version of npm installed on your system.

What is the purpose of the npm rebuild command?

The npm rebuild command is used to recompile and rebuild packages. This is particularly useful when you’re dealing with native modules that need to be compiled. If you’ve made changes to your system or node version, running npm rebuild will ensure that your packages are compatible with the current environment.

How can I search for specific packages in npm?

You can search for specific packages in npm using the search command. For instance, if you’re looking for packages related to ‘funny’, you can type npm search funny in your terminal. This will return a list of packages that have ‘funny’ in their name or description.

Are there any ridiculous or funny npm packages that exist?

Yes, there are several npm packages that are created for fun or to demonstrate certain concepts. For example, the ‘cowsay’ package generates ASCII pictures of a cow with a message. Another example is the ‘lolcatjs’ package that produces rainbow-colored text in the terminal.

What are some useful npm tips and tricks?

There are several tips and tricks that can enhance your npm experience. For instance, you can use the npm init -y command to quickly create a new package.json file with default values. You can also use the npm outdated command to check which packages in your project need to be updated.

How can I try the latest stable version of npm?

To try the latest stable version of npm, you can use the npm install -g npm@latest command. This will install the latest stable version of npm globally on your system.

How can I update npm itself?

You can update npm itself by running the command npm install -g npm@latest in your terminal. This will install the latest version of npm globally on your system.

How can I find the version of npm I’m currently using?

You can find the version of npm you’re currently using by typing npm -v in your terminal. This will display the current version of npm installed on your system.

What does the -g flag do in npm commands?

The -g flag in npm commands stands for ‘global’. When you use this flag, npm will install the package globally on your system. This means the package will be available to all projects on your system, not just the current one.

How can I uninstall a package in npm?

You can uninstall a package in npm using the npm uninstall command followed by the package name. For instance, if you want to uninstall a package named ‘example’, you would type npm uninstall example in your terminal.

Craig BucklerCraig Buckler
View Author

Craig is a freelance UK web consultant who built his first page for IE2.0 in 1995. Since that time he's been advocating standards, accessibility, and best-practice HTML5 techniques. He's created enterprise specifications, websites and online applications for companies and organisations including the UK Parliament, the European Parliament, the Department of Energy & Climate Change, Microsoft, and more. He's written more than 1,000 articles for SitePoint and you can find him @craigbuckler.

bashdependency managementjameshLearn-Node-JSpackage managershell
Share this article
Read Next
Get the freshest news and resources for developers, designers and digital creators in your inbox each week
Loading form