NPM & Package Management
- NPM is the default package manager for Node.js used to install, manage, and share project dependencies. This content explains how npm works, the difference between local and global packages, and the role of package.json and package-lock.json in dependency management.
Modern Node.js development is not done alone.
Developers use ready-made code written by others to save time and effort.
This is possible because of NPM (Node Package Manager).
In this chapter, we will learn:
What npm is
How to install packages (local & global)
What package.json is
What package-lock.json is
What is npm?
The Package Manager of Node.js
npm stands for Node Package Manager.
It is a tool that comes automatically installed with Node.js.
npm helps you:
Download libraries (packages)
Manage project dependencies
Share your own packages with others
Simple Explanation
Think of npm as an App Store for developers.
Just like:
Play Store installs apps
npm installs code libraries
Instead of installing apps, npm installs JavaScript packages.
What is a Package?
A package is a folder of reusable code that solves a specific problem.
Examples:
Handling dates
Validating forms
Creating servers
Connecting databases
Installing Packages
Local & Global Installation
npm allows installing packages in two different ways:
Local installation
Global installation
Each has a different purpose.
Local Packages
(Local = project-specific)
Local packages are installed inside a project folder.
They are used only for that project.
Example use cases:
Express
Mongoose
Axios
These packages are saved inside:
node_modules/
Global Packages
(Global = system-wide)
Global packages are installed once and can be used anywhere on your system.
Example use cases:
npm itself
nodemon
create-react-app
When to Use What?
Use local packages for project features
Use global packages for tools & commands
🔹 package.json
The Heart of a Node.js Project
Every Node.js project has a file called package.json.
This file acts as the identity card of the project.
What is package.json?
It is a JSON file that stores:
Project name & version
Installed dependencies
Scripts to run the project
Project metadata
Why is package.json Important?
Imagine sending your project to another developer.
Instead of sending the full node_modules/ folder, you send only:
package.json
The package.json file lists all the dependencies and project details, so they can reinstall everything easily by running npm install.
What package.json Contains
Project information
Dependency list
Custom scripts (start, dev, test)
🔹 package-lock.json
Ensuring Consistency Across Systems
While package.json tells what to install,
package-lock.json tells exactly which version was installed.
Why package-lock.json Exists
Different versions of a package may behave differently.
This file ensures:
Same package versions
Same dependency tree
Same behavior on all machines
Simple Explanation
Think of:
package.json as a shopping list
package-lock.json as the exact bill with item versions
Both work together to keep the project stable.
When is package-lock.json Created?
Automatically generated by npm
Updated whenever packages are installed or updated
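The relationship between the two files, as an added example that is not part of the original page: the script reads the ranges declared in package.json, looks up the exact version recorded in package-lock.json, and flags entries that are missing from the lock, have no integrity hash, or were resolved from somewhere other than the public registry. The helper name auditLock, the sample project and the placeholder hash are assumptions constructed for this example, and the lockfile uses the lockfileVersion 3 layout.

```javascript
// Added example: compare package.json (the "shopping list") with
// package-lock.json (the "exact bill"). All sample data is constructed.
const samplePackageJson = {
  name: "demo-app",
  version: "1.0.0",
  dependencies: { express: "^4.18.0", axios: "^1.6.0", mongoose: "^8.0.0" },
};

// Constructed lockfile in the lockfileVersion 3 layout ("packages" map).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/express": {
      version: "4.18.2",
      resolved: "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/axios": {
      version: "1.6.2",
      resolved: "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz",
      // integrity deliberately left out of this constructed entry
    },
    // mongoose deliberately absent: the two files are out of sync
  },
};

// auditLock is a hypothetical helper: for each declared dependency it returns
// the range, the exact locked version, and anything worth a reviewer's look.
function auditLock(pkg, lock, allowedHost = "registry.npmjs.org") {
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  return Object.entries(declared).map(([name, range]) => {
    const entry = (lock.packages || {})["node_modules/" + name];
    const issues = [];
    if (!entry) {
      issues.push("not in lockfile");
    } else {
      if (!entry.integrity) issues.push("no integrity hash");
      let host = null;
      try { host = new URL(entry.resolved).hostname; } catch { /* no valid URL */ }
      if (host !== allowedHost) issues.push("unexpected source: " + host);
    }
    return { name, range, locked: entry ? entry.version : null, issues };
  });
}

for (const r of auditLock(samplePackageJson, sampleLock)) {
  console.log(r.name, r.range, "->", r.locked || "MISSING", r.issues.join("; ") || "ok");
}
```

On a real project, load both files with JSON.parse(fs.readFileSync(...)) instead of the inline samples. npm ci installs strictly from the lockfile and stops with an error when package.json and package-lock.json disagree.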