Code Deep Dives

My Software development blog

BlogAbout me

NPM Notes

Published on

rough notes - WIP

Table of Contents

avoid lots of questions when doing npm-init, with ~/.npmrc

If you use npm init often, you can set some defaults (so it doesn't ask for your name, license etc)

Add a file ~/.npmrc, and you can add data like this:

init-author-email=you@yoursite.com
init-author-url=http://yoursite.com
init-author-name=Your name
init-license=MIT

You can also set them with `npm config set init-author-email "you@yoursite.com"

You can also set other settings (see here)

Some interesting ones:

  • browser to set what browser is opened when opening websites. You can set this to false to force it to print a URL to the terminal instead of opening up a browser.
  • commit-hooks (boolean) to enable/disable running git commit hooks when you run npm version
  • fetch-timeout to set max time for http requests to complete (there are a few other timeout related configs too)
  • fund (boolean) - when set to true, npm will display a message at the end npm install-ing, showing your dependencies who are seeking funding/donations
  • long (boolean) - if true then it shows extended info for npm ls, npm search and npm help-search. Default is false.

You can also set up a .npm-init.js file, which can prompt you for questions during running npm init, and stores them as custom fields in your package.json. See here for more

npm scopes

I think most users of npm will be familiar with them, but might not know the details or what they're called. Scopes are a way to name space packages.

Some important facts about scoped packages:

  • Unscoped packages are always public.
  • Private packages are always scoped.
  • Scoped packages are private by default; you must pass a command-line flag when publishing to make them public. (npm publish --access public)

npm version command

Run this in a package directory to bump the version and write the new data back to package.json, package-lock.json, and, if present, npm-shrinkwrap.json.

The newversion argument should be a valid semver string, a valid second argument to semver.inc (one of patch, minor, major, prepatch, preminor, premajor, prerelease), or from-git. In the second case, the existing version will be incremented by 1 in the specified field. from-git will try to read the latest git tag, and use that as the new npm version.

If run in a git repo, it will also create a version commit and tag. This behavior is controlled by git-tag-version (see below), and can be disabled on the command line by running npm --no-git-tag-version version. It will fail if the working directory is not clean, unless the -f or --force flag is set.

list packages with ls

Run this command to see packages (1 level deep):

npm ls

or run npm ls --all to see all packages.