Security News
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and Beyond
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
The npm package 'npm' is the package manager for Node.js. It allows users to install, update, and manage dependencies for Node.js applications. It also provides tools for package discovery, publishing, and managing a local development environment.
Package Installation
Installs the 'express' package and its dependencies into the node_modules directory.
npm install express
Package Update
Updates the 'lodash' package to the latest version according to the versioning in package.json.
npm update lodash
Package Removal
Removes the 'moment' package from the node_modules directory and updates the package.json.
npm uninstall moment
Listing Installed Packages
Lists the top-level packages installed in the node_modules directory.
npm list --depth=0
Running Scripts
Runs the 'test' script specified in the package.json file.
npm run test
Publishing a Package
Publishes the current package to the npm registry, making it available for others to install.
npm publish
Yarn is a package manager that provides faster, more reliable, and more secure dependency management compared to npm. It uses a lockfile to ensure that the same package versions are installed across different environments.
pnpm is a fast, disk space efficient package manager that works by creating a single copy of a package version and linking it in the node_modules of every project that uses it. This approach saves disk space and improves installation speed compared to npm.
Bower is a package manager primarily for front-end web development. It manages components that contain HTML, CSS, JavaScript, fonts, or even image files. Bower is less commonly used now due to npm and Yarn's ability to handle front-end packages as well.
One of the following versions of Node.js must be installed to run npm
:
18.x.x
>= 18.17.0
20.5.0
or highernpm
comes bundled with node
, & most third-party distributions, by default. Officially supported downloads/distributions can be found at: nodejs.org/en/download
You can download & install npm
directly from npmjs.com using our custom install.sh
script:
curl -qL https://www.npmjs.com/install.sh | sh
If you're looking to manage multiple versions of Node.js
&/or npm
, consider using a node version manager
npm <command>
npm help-search <query>
npm
is configured to use the npm Public Registry at https://registry.npmjs.org by default; Usage of this registry is subject to Terms of Use available at https://npmjs.com/policies/termsnpm
to use any other compatible registry you prefer. You can read more about configuring third-party registries herenpm
should never be capitalized unless it is being displayed in a location that is customarily all-capitals (ex. titles on man
pages).
Contrary to popular belief, npm
is not in fact an acronym for "Node Package Manager"; It is a recursive bacronymic abbreviation for "npm is not an acronym" (if the project was named "ninaa", then it would be an acronym). The precursor to npm
was actually a bash utility named "pm", which was the shortform name of "pkgmakeinst" - a bash function that installed various things on various platforms. If npm
were to ever have been considered an acronym, it would be as "node pm" or, potentially "new pm".
10.8.3 (2024-08-28)
7e61151
#7759 docs: init usage description corrected (#7759) (@milaninfy)2404c7e
#7738 publish: consider package-spec when inside workspace dir (#7738) (@milaninfy)91e46a3
#7721 init: use locally installed version of given package (#7721) (@milaninfy)4e81a6a
#7674 always set exit code if exiting uncleanly (#7674) (@wraithgar, @hashtagchris)a947f25
#7679 update lifecycle script list in run-script (#7679) (@sonsurim)e674987
#7743 update docs for npmrc and package-json (#7743) (@milaninfy)24d5350
#7742 fix and update scoped configuration example (#7742) (@demedos)3fd7a48
#7737 lru-cache@10.4.3
d7e462b
#7737 jackspeak@3.4.3
df58b0c
#7737 glob@10.4.5
7342c24
#7737 foreground-child@3.3.0
2986f4e
#7737 cacache@18.0.4
a44ab26
#7737 postcss-selector-parser@6.1.2
4e965ad
#7737 semver@7.6.3
12587fa
#7737 npm-package-arg@11.0.3
1a9ac86
#7737 debug@4.3.6
a303ddd
#7737 node-gyp@10.2.0
FAQs
a package manager for JavaScript
The npm package npm receives a total of 4,821,182 weekly downloads. As such, npm popularity was classified as popular.
We found that npm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
Security News
Members Hub is conducting large-scale campaigns to artificially boost Discord server metrics, undermining community trust and platform integrity.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.