I published my module to the NPM registry. When I installed it using
npm install --save-dev X
I see that the node_modules folder was included in the install, such that when I go to project Y which depends on X, I see:
Y/node_modules/X/node_modules
How is this possible?
My .npmignore file in my X project is as follows:
.idea
node_modules
bower_components
internal-docs
Anyone know what could be up?
You don't need to add node_modules to your .npmignore; it is ignored by default:
Additionally, everything in node_modules is ignored, except for bundled dependencies. npm automatically handles this for you, so don't bother adding node_modules to .npmignore.
The npm install command will naturally install the package's dependencies that are listed in its package.json file. It is a normal part of the npm install process to install the whole dependencies tree, otherwise the package wouldn't really work.
If you want to be really sure, you can use the npm pack command to generate a tarball (similar to a zip file) that you can inspect and see what files are actually published when you run npm publish.
Related
Node.js newbie here, Windows 10. I npm install-ed some packages (without -g) while inside a directory that didn't have package.json. npm placed the packages in C:\Users\{MyName}\node_modules\.
Now I'm seeing some weird behavior:
When I'm in my project directory (has package.json but no node_modules/ yet), npm list and npm list -g both show an empty list
When I'm in a non-project directory (no package.json)...
npm list -g still shows an empty list
However, npm list shows everything in C:\Users\{MyName}\node_modules\
Question 1. What is going on here? Apparently, npm's default global path should be C:\Users\{MyName}\AppData\Roaming\npm\. If so, why is it using C:\Users\{MyName}\node_modules\?
Question 2. How do I get out of this mess? Node.js has no problem importing packages from C:\Users\{MyName}\node_modules\, but I want npm to list them properly. How can I delete the semi-global packages, reinstall them correctly, and ensure that this doesn't happen again?
Welp, turns out I've been mistakenly npm install-ing packages without package.json. The first time I did this, I was in my home directory(C:\Users\{MyName}\). This caused npm to create node_modules/ and package-lock.json in the home directory. Further (mistaken) attempts to install packages in my projects--which were still missing package.json--caused npm to traverse upwards, until it found the initial node_modules/ dir, and install everything there. Because my home directory is among the places Node.js looks for modules, I didn't notice my mistake until now. :P
Not sure why it’s doing it, but the way to avoid it is to initialize your project directory using:
npm init
or if you don’t want to answer the questions:
npm init -y
That will setup the directory with the package.json and node_modules will be put there.
Ok, a couple of tips then...
when you install a package that you are going to use in production then add --save, e.g.
npm install --save some-package
this will automatically add the dependency to your package.json. If you are installing a package for use purely in development, e.g. chai, then use--save-devand it will add it to the development dependencies.
Also, git is your friend, even if you are only messing :)
Happy noding :)
For me the solution here was:
Go to c:\users[me]\AppData\Roaming\npm and delete the node_modules folder completely
Make sure I had the package.json file for the project
Delete the project package-lock.json file
Run npm init
Run npm install
Project then worked, not sure why the node_modules got to be in the folder above, ain't got time to find out.
I downloaded a theme and it has a package-lock.json file but no package.json file.
Is there a way I can generate the package.json from the package-lock.json file.
How do I install the node modules with just the package-lock.json file.
Is there a way to do that?
Warning: Do not attempt before reading comments below & backup package-lock.json.
Install the latest npm with npm install -g npm
Run npm init and respond to the questions.
The above command will generate a package.json and include the existing packages listed in package-lock.json
I think I figured it out.
I don't think npm init can draw from package-lock.json. However it does seem to pull from what is already in your /node_modules. I believe this is why #Harry B's solution works for some and not at all for others.
For example, if you have just cloned your project which contains package-lock.json, no package.json, and empty/non-existence node_modules, npm init won't create any dependencies. However, if you run npm install pkg1 pkg2 pkg3 ... then run npm init it will create the dependencies in package.json.
https://pravnyadv.github.io/unpackage/ seems to work. Copy your package lock file text in, hit the button, copy out the text into a new package.json file.
package-lock.json file relies on the presence of a package.json file, So it's not possible to retrieve package.json (happy to be proved wrong).
So a possible solution left is to use a module like auto-install which is capable of generating package.json from the project file dependencies.
First, you need to install the module globally npm install -g auto-install. Then run npm init and answer the basic requirements.
Then, run auto-install in your project root directory. All the dependencies should reflect in package.json file.
**
Or Install node modules directly from package-lock.json
**
Run npm ci which bypasses a package’s package.json to install modules from a package’s lockfile.
More Information
It appears that when I run npm link, it will install the project globally, and it seems to install devDependencies with it.
Is there a way to run npm link without devDependencies, perhaps with the --only=production flag?
In npm#4.x or lower
When you run npm link in other_module then you will get both dependencies and devDependencies symlinked.
The --production flag doesn't change anything, still creates a symlink to the whole directory
In npm#5.1.0
They fixed it!
If you remove node_modules and then do npm link --only=production, it runs an install before symlinking, and therefore devDependencies folder are indeed excluded.
This is currently not possible with npm link. The problem is, if you install only prod dependencies in that dependency, you're able to link it, but you're not able to develop on that dependency anymore (since missing devDependencies). And vice-versa: If you install devDependencies, you can't link anymore.
The solution: A package called npm-local-development at https://github.com/marcj/npm-local-development
It basically does the same thing as npm link, but works around the devDependency limitation by setting up a file watcher and syncs file changes automatically in the background, excluding all devDependencies/peerDependencies.
You install npm-local-development: npm i -g npm-local-development
You create file called .links.json in your root package.
You write every package name with its local relative folder path into it like so
{
"#shared/core": "../../my-library-repo/packages/core"
}
Open a console and run npm-local-development in that root package. Let it run in the background.
Disclaimer: I'm the author of this free open-source project.
A workaround I use is npm pack then point to the packed file in the example
I was trying to install this npm package from its github repo using this command:
npm install --save github:kpdecker/jsdiff
It looked like it went okay, because the diff folder got created inside node_modules but it didn't contain the lib or dist folders and none of its dependencies got installed. These were the only files that get copied:
runtime.js
release-notes.md
package.json
README.md
LICENSE
CONTRIBUTING.md
However, the command above works perfectly when installing other packages. For example:
npm install --save github:visionmedia/express
So, what am I missing. Is there some other command that I'm supposed to run to complete the installation of jsdiff?
This package needs a build step (see the gruntfile.js). So the artifacts (the files that will be generated at the build step wont be checked in the versioning system - git - you wont have to deal with them in your diffs and merge).
Also check out the .npmignore file.
I just set up a new project using NPM, like normal:
npm init
npm install gulp --save-dev
npm install gulp-sass gulp-clean-css gulp-autoprefixer gulp-sourcemaps gulp-uglify gulp-concat --save-dev
etc.
But then I realized, like a numpty, I'd installed it in the directory above the one I intended.
I've looked through the documentation and can't see any clear indication if there's some central repository on my system that will become upset if I start manually moving things around.
Can I just move the files I created (package.json, node_modules/*) to the right folder, or do I need to "un-init"/remove NPM from the folder and start over? (If so, how do I do this?)
Thanks.
Move the package.json to the right directory and delete the NPM stuff from the subfolder, then execute:
npm install
Because you used
--save-dev
before, the names of the packages installed are in your package.json file and used during the (second) installation.