NPM 초보자 가이드

npm manages downloads of dependencies of your project, hence you need to install, uninstall and update packages on a regular basis.

If a project has a package.json file, it depends on node modules, you have to install them. The command npm install or npm i installs all the node modules the project needs. Everything will be installed in the folder node_modules .

With the command npm install <package-name> you can install additional packages to your project, like lodash or styled-components .

When installing a npm package, you can add it as a dependency or as a devDependency in package.json, so that on a fresh install or in a shared project it will be installed with just running npm install .

In devDependencies are usually development tools, like a testing library. While dependencies are bundled with app in production.

You have two options:

• --save This flag installs and adds the entry to the package.json file in dependencies.
• --save-dev This flag installs and adds the entry to the package.json file in devDependencies.

To take advantage of security fixes and latest features of the node modules you have to update on a regular basis. This updating process is fairly easy, just run npm update and npm will check all packages for a newer version, that satisfies your versioning constraints.

You can also update a single package only, with the command npm update <package-name> .

Npm also manages versioning , so you can specify any specific version of a package, or require a version higher or lower than what you need. Npm follows the semantic versioning (semver) standard.

Since there are several versions of several packages, it occurs quite often, that the library you need is only compatible with a major release of another library, or that a bugfix in the latest release of the library is still in development, and the bug is causing issues. Hence, specifying an explicit version of a library helps to keep everyone on the same exact version of a package and reduces bugs and issues.