NodeJS packages -- npm vs. OS' package-manager - node.js

We try to install NodeJS packages using the Operating System's package-management (such as apt/dpkg on Ubuntu), whenever possible.
Yet, for some of them such a package either does not exist or is too outdated -- and for those we use npm.
The mixture causes difficulties, when we wish to upgrade because npm would upgrade them all (including the stuff bundled with node itsel), yet we only want it to touch the things, which it installed in the first place...
Is it possible to reliably discern, whether a package known to npm (listed in npm -g ls) was installed by it?

Related

Is it necessay to update npm to update node?

I am new to npm and node so pardon if my question is silly, but is it necessary to update npm to its latest version if i want to update Node.js to its latest version? I read the npm wikipedia page and it says npm is a package manager for Node.js. Also, does npm provide a runtime environment for Node appications to work?
Node.js is the runtime (using the V8 JavaScript engine). Yes, npm is a package manager that helps include dependencies in the program, but it is not the only one. There are others like yarn, so npm is not essential to Node.js. There are several upgrade methods to choose from, using all the same installation methods typically available on operating systems. npm does not offer Node.js upgrades directly; options include node version manager and the npm-installable module n:
sudo npm cache clean -f
sudo npm install -g n
sudo n stable
None of the methods mention an npm update, though it is a good idea to keep npm current for security. If a given upgrade method does require you to have a certain version of some manager or installer, you will get a message about it when trying to upgrade.

Doesn't npm install check for a global version first?

I just setup a test, and tried to npm install express even though express already exists globally on my system. To my surprise, instead of using the global version, it ended up re-installing a version locally!? Isn't it supposed to use the global version... Or am I suppose to use -g every time, even when I only want to use the existing global version. Otherwise, what's the point of installing anything locally!?
The answer is "NO". It isn't supposed to use your global version.
If you want to use your global version, then you doesn't need to execute npm install at all because it is already installed.
If you do it then, obviously, you are saying "I want to install it locally to my project". And more than that: "I want to install its latest version unless it is declared in my package.json with other explicitly specified version".
In fact, the actual question is: Why in the hell would you want to not install a dependency of your project locally? To have more version mismatch issues?
As #anshuman_singh says, best practice is to always do an npm install --save.
You are able to use globally installed packages, of course. It could be handy for fast testing code that you will drop just after a few hours or so.
But, anyway: If you doesn't have really hard disk or network bandwidth issues, installing all dependencies locally will avoid you too much trouble in the future.
On the other hand, uploading that modules to your code repository is also a bad idea (maybe that is what you were trying to avoid) because, with different versions of node, most native modules won't work if not rebuild. But most VCS support ignoring files and or directories that must not be uploaded.
For example, in git (.gitignore file):
**/node_modules
In summary:
npm init (if you didn't already it).
npm install --save for all your project dependencies.
npm install --save-dev for dependencies not needed in production (testing stuff).
Don't upload node_modules to your VCS.
After new checkout: npm install or npm install --production (to not install dev-dependencies).
npm install -g only for tools you will use in console.
This way, you are sure that you will have in production (or other dev environments) the exact same version of each package.
And, finally, if you ever want to upgrade some package to its latest version, simply run:
npm install --save <pagkage_name>#latest.
If you’re installing something that you want to use in your program, using require('whatever'), then install it locally, at the root of your project.
If you’re installing something that you want to use in your shell, on the command line or something, install it globally, so that its binaries end up in your PATH environment variable.
The first option is the best in my opinion. Simple, clear, explicit. The second is really handy if you are going to re-use the same library in a bunch of different projects
Install locally-
npm install moduleName
install locally and save in package.json-
npm install moduleName --save
install globally-
npm install moduleName -g

Why does Node.js's Mac Package ship with old version of npm? any issues?

I just installed the current version of node (3/14/16) 4.4.0 directly from Node.js via a Mac Package (the new suggested way, previously I installed via Homebrew).
I'm curious if anyone knows why the package ships with npm version 2.14.20, the book I'm going through suggests updating npm manually with the command
sudo npm install npm -g
The version I see is now 3.8.1, that's quite a large difference hence my question, is it safe/smart to be this far ahead of what Node.js is officially putting out with their Mac package file?
EDIT:
It appears it's common for Node's recommended v4.x install to come with npm 2.x, the question that remains is, will there be any negative side effects of using the newest npm but an older version of node?

npm comes with node now. What does this mean?

Node noob here.
I had previously installed both npm and node separately.
Apparently, npm comes with node now. (link)
To my newbie mind, this means my previous dual installation is old and ugly. 1 binary > 2 binaries. So i uninstalled both.
Then I installed the latest node following the procedure. (i am running eOS)
Terminal
user#box:-$ which node
/usr/bin/node
user#box:-$ node -v
v0.10.22
user#box:-$ which npm
user#box:-$ npm -v
bash: /usr/bin/npm: No such file or directory
I can always run:
curl https://npmjs.org/install.sh | sh
but that seems to indicate that npm is actually NOT included in node.
When they say they are included do they just mean the code is in the same repo, but the binaries are still different?
Final question I have /usr/bin/node as well as /usr/bin/nodejs
can i delete one of these? im not sure when/where i picked up a second copy.
Yes, the nodejs package includes both node and npm executables. The code for each has its own repo, but when packaged both are included.
npm source: https://github.com/isaacs/npm
node source: https://github.com/joyent/node
When you install that .deb file from the PPA, you should get both /usr/bin/nodejs and /usr/bin/npm and 2 symlinks at /usr/bin/node (which points to) /etc/alternatives/node (which points to /usr/bin/nodejs).
If any of this isn't true, your install didn't fully succeed, most likely due to conflicting files you left around from your manual install. I would suggest uninstalling the .deb then making sure there are no stale files left from your manual install and then installing again.
Only node.js packages comes with npm. so if you are installing using an .msi, .exe, .dmg .pkg, .deb or using a package installer like apt-get, yum or brew, then you'll have both node and npm.
However,npm is not part of the node core. if you are installing node and using a method where you are using ./configure or make install || make link, then npm will not be installed, and will need to be compiled using the same type of installation, and node will have to be placed on your path.
If you used git, or unzipped node and you can see a configure script, then you will also need to acquire npm.
I've had issues (mostly on Mac) with npm ending up in directories that aren't in the terminal PATH. If you can figure out where npm is located, you can just add it to your path with something like:
export PATH=$PATH:/path/to/npm
I think (I'm not on a mac so I can't check at the moment) that it sometimes gets put in /usr/local/share/. But at any rate, the problem is likely NOT that npm isn't installed, but that it's installed somewhere you're not expecting.
Few months ago i had started learning the react so all this stuff i needed to install my laptop that had the ubuntu operating system.
What i did -- First i installed the node and without knowing that it came up with the npm package. I installed the npm package again.. but there was no conflict at all.
But after exploring all these things that nodejs have npm package. So i uninstalled the npm package due to concern about memory usage..
And Now everything is working fine....

How to upgrade node.js on Windows?

I already have Node.js v0.8.0 running on Windows. Can I just run the latest installer to upgrade it to v0.8.4? I am afraid it will break existing third party modules on my machine.
Yes, you just install the latest version. Generally you shouldn't have any compatibility problems if you are already using the same major version (e.g. Version 0.8.x). If you are concerned about changes, you can always check the changelog for each version (link to changelog is on node.js download page at nodejs.org). That should tell you of any big changes (i.e API changes, etc).
For the record, I have just gone through the process, and it is painless even if you upgrade to another major version.
I have moved from 0.8 to 0.10, using the .msi package, overwriting the one installed on my system. Package problems were all fixed with npm update -g. Worked like a charm.
In case it does not work like a charm:
npm cache clean usually fixes the problem. Once the cache is empty, just run npm update -g again.
In case you really run into trouble:
Delete the modules you have installed globally, then reinstall them. Here's how:
Take stock of what you have:
npm list -g --depth=0 lists all top-level packages, with version numbers.
npm list -g --parseable --depth=0 > npm-global-modules.txt writes them to a file in your cwd.
Any strange stuff you didn't install yourself has probably been installed by another module (rare, but I have seen it happen). Remove those modules from the list. Also remove the module "npm".
In an editor, format the output for the command line by replacing \n?[^\n]+[\\/] (regex) with a single space.
(I didn't get this to work with findstr in a pipe, hence the roundtrip to the editor. You can also do it manually, of course ;)
Delete all modules. On Windows, delete (or rename) the %appdata%\npm directory. For other OS, see Command to remove all npm modules globally?
Reinstall the modules with npm install -g [your module list here]. Don't forget to npm cache clean before you do it.
I don't have experience with node on Windows, but I have just upgraded node & modules on my Mac, so this is just a general answer:
If you install v0.8, you might break your existing node modules, if they use deprecated functions, etc. The problem is that npm only checks your version of node while modules are being installed, not at run-time.
To be on the safe side, you need to find the global node_modules folder on your machine, back it up to somewhere, then delete and reinstall the modules. You will need to do the same thing for the node_modules folders in the apps you are using. (Assuming you have package.json files, reinstalling these should be easy.)
In practice, I don't think any of the modules I was using were actually incompatible. Good luck.
Yes. You can upgrade your node.js version to the latest by running the installer for latest node.js version at https://nodejs.org/en/. I upgraded mine from 4.4.4 to 8.11.2 running the installer.
Unless you're using a module that relies on an actual bug that was present in 0.8.0 and was fixed by 0.8.4, you're OK. There were no API changes in between those two versions (and the node team is too smart to introduce such changes in a minor release).
Currently upgrading to 4.4.*. I just used to installer from the nodejs.org website and that upgraded everything works just fine.
Just go to nodejs site & download it. You can install it directly without any hesitation. If you have any dependency on earlier version then check change logs.
JUST GO TO
nodejs.org
INSTALL THE LATEST STABLE VERSION (Recommended For Most Users)
and then run
npm install node
Now, you are good to go
You can even check the version of NodeJS using command
node --version
Best way to install node on windows is by using nvm-windows, so you can quickly switch between versions if you need to. This is analogous to the best way of installing node on linux and max, ie with nvm.
But Benjen is right (how could he not be with all his scouting experience) that you can just install a different version of node, and your version will update. Your npm dependencies may have to be reinstalled, and any extensions that aren't managed by npm may need to be recompiled, but this will be true no matter how you change your node version.

Resources