npm

What is npm?

  • node package manager
  • largest ecosystem of open source libraries
  • makes it easy to share, reuse and update code
  • helps us build complex things with simple parts
  • not just for backend modules any more

Three parts of npm

  • npm the company
    • take open source to new places
    • reduce friction
  • npm the registry (free)
  • npm the command line tool
    • open source
    • ships with Node.js

Module

Anything that can be loaded with require(...) in a Node.js program

Package

  1. directory
    • package.json file
    • something of value (like a module)
  2. gzip of (1)
  3. URL that resolves to (2)
  4. GIT URL that when cloned results in (1)

package.json

A text file in json format that describes your "package" and it's dependencies.

package.json

  • Required properties
    • name
    • version
  • Others properties
    • description
    • keywords
    • homepage
    • author, contributor
    • dependencies & devDependencies
    • main, bugs, license, scripts...

npm registry

  • A website that implements the CommonJS Package Registry specification for reading package info
  • Powered by CouchDB
  • https://www.npmjs.com/
  • Internal registry
    • http://icsnpm.ldschurch.org/

npm registry

  • Search - full text
  • Filtering - human
    • stars
    • version (if they follow semver)
    • downloads (relative)
    • number of releases
    • time since last release (abandoned)?
    • badges
    • author
    • does it have a readme.md and docs?
    • does it solve your problem?
    • does it solve too many problems?
    • is the license acceptable
    • how many open issues? (relative)
    • how many dependencies (relative to complexity)
    • ...

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Ramp Up

New blank project

Existing project

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Develop

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Publish/Deploy

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Ramp Up - Blank Project

$ npm init --yes
Wrote to my-project/package.json:

{
  "name": "my-project",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "keywords": [],
  "author": "Bruce Campbell <bruce@ldschurch.org>",
  "license": "ISC"
}

$ ls
package.json

$

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Ramp Up - Existing Project or Generated Project

Use npm install to download project dependencies from the registry

  • reads package.json for dependencies
  • use the dependencies section for modules your app needs to run
  • use the devDependencies for modules your app needs to build
  • downloads dependencies and puts them in the ./node_modules folder within your project

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Develop

  • npm install <package> 
  • npm uninstall <package>
  • Flags
    • --save
    • --save-dev
    • --global

Demo

  • my-app project
  • previously we used npm install without a package name to read dependencies from package.json and install them.
  • Now we want to add jQuery to the list of dependencies and install it.
  • So we add jQuery and --save... npm i --save jQuery
    • i is short for install
    • see package.json and ./node_modules for jQuery
    • off we go to write some code using jQuery
  • But then the dev lead on your project points out that all the jQuery functionality you need is built into Javascript now.
    • npm uninstall jQuery
      • see ./node_modules
      • see package.json - why is jQuery still there?
    • npm uninstall --S jQuery   (-S is short for --save) - now it's gond
    • more...

Demo

  • While we're talking about the install command I should probably talk about "global" installs even though it doesn't fit perfectly into this part of the cycle
  • the --global, or -g for short installs a package "globally", or outside your project
    • on a mac that's /usr/local/lib/node_modules
    • on windows that's ... don't know,
      • use npm ls -g --depth 0 to find it
        • the docs say beside the node.exe binary 
      • "ls" or list tells you what packages are installed
      • --depth 0 limits how deep into the dependency tree it will report. Zero lists just the direct dependencies.
      • -g of course is for globally installed modules.
  • there is a trend that less and less packages require that they be installed globally.
  • more...

Demo

  • While we are already on a tangent, we might as well talk about executable packages.
  • Some packages can a CLI component to them.
  • So instead of "require()"-ing it in to your code you use it as a tool and run it from the command line.
  • Show npm list -g --depth 0
  • notice n and yo... they are both command line tools
  • they were installed onto my laptop as node packages using npm
  • tools that need to be available from any directory on the system should be installed "globally"
  • tools that need only be available in the project directory can be installed "locally" and they can still be executed on the command line
  •  

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Publish/Deploy

semver

  • Bullet One
  • Bullet Two
  • Bullet Three

npm shrinkwrap

  • Locks down the versions of a package's dependencies so that you can control exactly which versions of each dependency will be used when you install/deploy
  • You could lock down dependencies by specifying exact versions in package.json
  • npm shrinkwrap is preferred

npm shrinkwrap

Text

npm init

npm i <pgk>

code & test

npm shrinkwrap

git clone

npm install

Publish

Deploy

?

Publish/Deploy

Made with Slides.com