when npm install or not install devDependencies? - node.js

I using npm a few years. But I still don't know when npm install devDependencie and when don't install?
In npm docs, npm install --production don't install devDependencies.
But in my testing, I init a package, add eslint to dependencies, run npm install --production, the eslint's devDependencies still installed? I don't know why?
I want a table to specify when to install or when to skip.

devDependencies are dependencies that you only use during local development, including running local tests and running local build tools. eslint is a devDependency because you only use it for local code linting.
dependencies are for dependencies required for your final deliverable project to run. Your project might be an npm module, or a node program, or a bundled Javascript file. If you use Webpack to build your Javascript, but don't include Webpack's source code in your final output, then webpack is a devDependency.
This is especially important when publishing an npm node module so that the consumers of your package don't download other packages that are never used.

Related

How to install all relevant packages?

I have a Node.js project which has several dependencies.
I created the package.json file (npm init)
and try to install all the relevant packages
(npm install all) or (npm install)
with npm install I'm getting the following result:
npm notice created a lockfile as package-lock.json. You should commit this file.
but
when I'm trying to run, I'm getting error that a package is missing (i.e express and I need to install it manually)
Is there a way (command) to install at once (with one command) all the relevant packages and dependencies ? (instead of install each of the package manually) ?
Update 1:
I think I found the solution to your problem, you can use this npm module for auto installing your dependencies.
Install
npm install -g auto-install
Usage
Run auto-install in the directory you are working in.
So npm is simple!
you can add a single package using npm install package-name
or
you can install all using npm install, this will read your package.json file and install all the packages which are in there
Additionally you can do this:
npm install package1 package2 package to install multiple packages.
If a required dependency is not installed, just install it once manually using npm's --save argument and it will automatically add that dependency to your package.json.
For instance, if you are missing the express dependency, just run:
npm install --save express
That will install the dependency in your node_modules folder and also automatically update your package.json file to include express. On subsequent installs on different machines, you'll now only need to run npm install and the express package will be added automatically.
Update with a little more context: In Node your package.json file defines all dependencies that are required for your project. However, these dependencies are not automatically generated for you. npm init will create a boilerplate package.json, but it will not fill that package.json with any dependencies.
You need to define the dependencies yourself, which you can do one of two ways:
Manually add lines to your package.json's dependencies section
Use npm install --save <package name> to have npm install a package and automatically save that package as a dependency in your package.json file
If you aren't familiar with package.json files, I'd recommend sticking to approach number 2 so that npm handles editing that file for you.
Once you have a package.json with all of the dependencies you need, then when you pull down your project onto new machines you will be able to automatically install all dependencies at once using a simple npm install command. You can test this on your own machine by deleting the node_modules folder and running npm install, then trying to run your project. If it runs fine then you successfully added all dependencies to your package.json. If it complains about a missing package then add that package with npm install --save <package>

npm install --save not installing the module

I am integrating firebase cloud functions with my app's workflow. I needed to install a package so I did npm install --save #sendgrid/mail. The installation was a success but I can't see the dependency either in node_modules folder or the package.json file. What do I do?
One way to add the package would be to do the reverse. Add #sendgrid/mail to your package.json with the version you want, and then run npm install.

Using --ignore-scripts for one dependency in NPM

Following this question, NPM dependencies can be installed using:
$ npm install --ignore-scripts
Is there a way to mark that a dependency should be installed without running scripts in package.json?
This is because, when I run npm install --ignore-scripts, the dependency is added to package.json. As a result, other users will install the package while running scripts, however I want this certain package to never run scripts.
I could be wrong but I believe its: npm install -ignore-script package-name#version

How to install npm devdependencies recursively?

I am working on a project which gives cli options to another project. The cli requires some extra dependency which I had listed as devdependency. However, when installed on the target project, the devdependency are not being installed.
npm install : Installs first level of dev dependency but the dev dependency of a dependency is not installed.
There used to be an option but it was actually a bug and therefore removed. Is there a way to do this now?
If the dependency is required by the target project that is installing it, it should be listed as a dependency. DevDependencies are intended for use only when the module itself is being developed (eg test and packaging tools. )
do npm install --only=dev this will install dev-dependencies of all dependencies in package.json if you want to install dev-dependencies for just one package do dev-dependencies npm install <package> --only=dev

How to shrinkwrap devDependencies, but not install them unless necessary?

I have a bunch of devDependencies needed in order to run test suite and have production dependencies locked down with npm shrinkwrap. The problem is that when I run npm install, only production dependencies are installed, in order to install devDependencies, I have to remove npm-shrinkwrap.json and run it again.
Now if shrinkwrap contains devDependencies as well, they get installed in production, where they are not required. Surely there should be some command line arguments to force only normal dependencies to be installed?
September, 2016:
As others have mentioned as well, there were some huge efforts to enhance the shrinkwrap feature starting with npm v3.10.8.
Thanks to this, it'll be possible to keep your devDependencies locked while installing only the production dependencies:
npm shrinkwrap --dev
npm install --only=prod
2013 answer:
As stated in the NPM docs:
Since npm shrinkwrap is intended to lock down your dependencies for
production use, devDependencies will not be included unless you
explicitly set the --dev flag when you run npm shrinkwrap. If
installed devDependencies are excluded, then npm will print a warning.
If you want them to be installed with your module by default, please
consider adding them to dependencies instead.
Basically, or you lock down all deps, or only the production deps.
Not even running npm install --dev or npm install --force can transcend the shrinkwrap functionality.
It looks like this feature was recently added in v3.3 of the npm client per the changelog
You'll now be able to run npm install --only=prod to achieve the effect you wish.
EDIT 2016/09/13
I've tested out npm v3.10.8, and this functionality now works as expected. We've shrinkwrapped our devDependencies and can install only prod dependencies when we deploy.
I think it's worth mentioning that this feature should start working as expected very soon. According to this github issue, tons of people were running into the same problem, and according to this pull request, it will be in the next release (scheduled for 2016-09-08).
With the pull request merged in, all you would have to do is:
npm i --only=prod
As to npm 5 (I've tried on 5.5.1 and 5.6.0), --production (--only=prod) flag is problematic.
When package-lock.json exists in the folder,
npm shrinkwrap --production
simply changes the file name to npm-shrinkwrap.json.
How I managed to solve this issue is to run:
npm prune --production
and then run:
npm shrinkwrap --production
This is fixed in npm 3.10.8; npm install --production shouldn't install dev deps in a shrinkwrap created by npm shrinkwrap --dev: https://github.com/npm/npm/releases/tag/v3.10.8

Resources