I hope you are doing well!
I got asked about why should I use -f to force npm install packages to install. In the documentation it states that
force npm to fetch remote resources even if a local copy exists on disk.
But does this mean that it redownloads global packages for the local project or what does it solve exactly?
Another thing happens is when I use npm install, I see a lot of warnings in the console that
WARNING: X package is deprecated
But when I run npm outdated I see that all packages are all fairly up to date (all match the recommended version to download), so I assume this might be a dependency for a certain package. But does it affect our work negatively? Why does this happen?
For the packages I download, I generally look for packages that have in the 6 digits Weekly Downloads from npm so I don't think we are using unfamiliar packages.
I am asking these questions because they have been asked to me but I don't have a straight answer to them.
Thank You!
I don't understand how npm install -f works
Related
Let's say I published few years back a npm package package_a.
Now I actually "namespaced" all my packages under #myfancyname/package_a.
Is there a way to transform package_a install process so that
npm install -g package_a
actually just run
npm install -g #myfancyname/package_a
(of course this should work also for npm install package_a -> npm install #myfancyname/package_a)
This might be bad practice, so please advice in this case as well.
TL;DR: It's likely that the best solution is to use npm deprecate on your old package to provide people with a message directing them to the new package name.
This issue in the npm issue tracker suggests contacting support#npmjs.com. The issue is quite old, though, and also only seems to suggest contacting support for a large number of packages. Although the issue may be out of date, if there's a better way to do things, I'm sure the support team would redirect you there.
That said, while that npm issue title asks about a redirect (implying, to me at least, automatic redirect like what you want), the answers seem to be more about "redirecting" by informing users. Chances are, that's the recommended way, for better or worse. So you can use npm deprecate on your old package to provide people with a message directing them to the new package name.
I'm trying to set up a development environment with several packages, and as a result I need to manually install some dependencies. More specifically, I have some local changes in several packages which I need to test before I can push them to github, so I can't just npm install the top level because it won't pick up those change. So I run the first npm install manually on packages which are missing, and then try to run my node code and see which package it is still missing, then try to npm install what it says is missing.
However, when I go to install the second package, it ends up with this message:
added 3 packages from 4 contributors, removed 799 packages and audited 3 packages in 4.197s
The second install removed practically every package that was already installed! I didn't notice this until about the third time, when I realized that I seemed to be installing the same thing over and over.
However can I prevent this particularly naughty behavior and force npm to only install what I tell it to and leave everything else alone?
Have a look at npm link if you need to test against modified packages.
From npm link:
This is handy for installing your own stuff, so that you can work on it and test it iteratively without having to continually rebuild.
Say b is a dependency of a. You made changes to b and want to check if a still works with those changes. Instead of using b in node_modules installed from npm, use your local, modified version:
cd ~/projects/b # go into the package directory
npm link # creates global link
cd ~/projects/a # go into some other package directory.
npm link b # link-install the package
Now, any changes to ~/projects/b will be reflected in ~/projects/a/node_modules/b/.
If your development flow involves updating in parallel packages which depend on one another, you might consider switching your project's package manager to from npm to yarn to take advantage of yarn's workspaces feature.
Yarns's workspaces allow you to easily setup a single monorepo containing all your interconnected dependencies, and let yarn thinking how to link them together in your dev environment.
i had a similar problem today , & thought this might help someone in the future and l have found out that if you install simultaneouly it
npm install --save package1 package2 package3 ...
it worked as l had
npm install xlsx angular-oauth2-oidc
but if you install separately it will have issues
Edit 2 More infor by #Michael
installing multiple packages in the same command also prevents hooks from being installed multiple times
Remove "package-lock.json" file befor installing the new package.
Are you saving the dependencies to package.json?
To Save : npm install --save {package_name}. This will save the package to package.json and install using npm install.
You can't particularly control the dependencies(fully). The dependencies which you have installed might be using dependencies themselves.So when you remove a package, npm deletes all the package's dependencies and the package.
I am installing a module globally
$ npm install -g X
and NPM says
"npm WARN deprecated lodash#1.0.2: lodash#<3.0.0 is no longer
maintained. Upgrade to lodash#^4.0.0"
how can I find out which module has an dependency on this old version of lodash?
The warning message from NPM doesn't seem to give me any clue which module references this old version (I believe that the module X does not have a direct dependency on this old version of lodash.).
I got an answer for the similar question: https://stackoverflow.com/a/36335866/1115187
Briefly:
npm outdated --depth=3
This command will analyze installed NPM-packages and their versions. The report will contain:
package name
latest version
current version
dependency path (down to depth level)
Hope, this information could help you to gather info about outdated packages.
Next step - get in touch with maintainers of the appropriate package, and ask them to update the package (maybe, you would like to send a pull request).
UPD: npm-check
There is a great npm package: npm-check, that allows checking outdated dependencies. Probably
My favorite feature: Interactive Update — run npm-check -u in the project folder. An interactive menu shows all required information about dependencies in the current folder and allows to update all dependencies in 3 seconds.
npm la <package-name>
also works, and will give you the most details about the dependency graph of a dependency.
npm ls <package-name>, does something similar but gives you less details
Use npm list. It will print out all of the packages your module depends on as well as your dependencies dependencies and so forth. Maybe redirect output to a file or grep it so you can search it more easily.
use this
sudo npm install --unsafe-perm -g expo-cli
You could search through all the package.json files under node_modules and see which ones are dependent on lodash 1.0.2.
For deprecated files you should use the "npm i [package]" syntax, in this case you should use: npm i X and it will fetch all necessary packages, including deprecated ones, but which are required for your installation.
Npm documentation link: https://docs.npmjs.com/using-deprecated-packages
Hello I am just a noob and still learning. I have already downloaded and tried the chat tutorial of get-started part from socket.io. Now, I am again learning from another source. What's confusing me is that, do I always have to npm install in the beginning of every project after writing the dependencies in the package.json? Or is there any other way? I would be very glad if you could help me understand my confusion. Thank you!
Yes, before running, all dependencies must be installed. So you must run npm install.
When developing, you can use npm install --save <package_name> to install a dependency and automatically add it to package.json.
NPM means Node Package Manager. It is used to manage your dependencies to other node modules dynamically thanks to a configuration file called package.json. This way you can easily define the exact versions you need or a mask in order to always retrieve the stable ones for instance.
The command npm install allows to interpret your configuration file and then download the good versions (and this recursively).
I'm not regular node user, so my apologies if this is a stupid newbie question, but I haven't been able to find any clear documentation on this, and my feeble newbie node skills don't let me dig into myself.
I'm following along with these instructions for installing the Ghost blogging system, (a system built with NodeJS).
After telling me to open a terminal window in the just downloaded package folder, yhe instructions include the following line
In the new terminal tab type npm install --production
This confuses me. My understanding of npm is it's a package manager that, like perl's CPAN
Fetches packages from The Internet
Installs them into my local node system
That's clearly not what's happening above, but I don't know what is happening when I run that command, and since I don't run with a NodeJS crowd I don't know who to ask.
I'd like to know what NPM is doing. Specific questions
When I run npm install, it looks like it's downloading a number of packages (lots of npm http GET in the console). How does NPM know what to download?
Where is it downloading these module files to? How does npm know where to download the files?
What effect does the --production flag have on NPM's behavior?
Happy to have specific answers, or a meta-answer that points out where I can learn how npm works with (what appears to be) a application installs (vs. a system install, which is how I normally think of it)
npm has a few different installation modes. From within a module (with a package.json file) npm install installs the dependencies listed in the dependencies and devDependencies fields of the package.json file. Installation means that files the modules are downloaded, placed in the node_modules folder, then npm installed themselves, (but only their dependencies) placing modules their own node_modules folders. This continues until everything needed is installed. Use npm ls to see the tree of installed packages.
Most of the time this is what you want, because running npm install from within a module is what you would do when developing on it, and you'll want to run tests etc. (which is what devDependencies is for).
Occasionally though, you'll be coding a service that consumes modules, but should not necessarily be treated like one (not intended to be require'd). Ghost is such a case. In these cases, you need npm install --production, which only installs the dependencies, leaving the devDependencies.
When I run npm install, it looks like it's downloading a number of
packages (lots of npm http GET in the console). How does NPM know what
to download?
It reads the package.json configuration file in the current directory.
Where is it downloading these module files to? How does npm know where to download the files?
It will create and populate a node_modules directory within the current directory. The file structure is designed in to npm/node and is (mostly) intentionally not configurable.
What effect does the --production flag have on NPM's behavior?
Install just the dependencies without the devDependencies from package.json, meaning "give me what I need to run this app, but I don't intend do do development on this app so I don't need dev-only stuff".
npmjs.org has some docs, FAQ, and man pages, which are pretty good although they are mostly lacking basic introductory material.