NPM: Never install nested optional dependencies for npm package - node.js

I'm authoring a package A which I want to publish to NPM.
A has a dependency on package B, which in turn has a dependency on package C. C then has two optional native dependencies D and E. I know for definite I have no use for the optional dependencies, D and E, and NEVER want to try and install them when someone installs my package.
I know you can use the command npm install A --no-optional -g to install the package without optional dependencies, but this would be knowledge/overhead that I'd rather consumers of the package not need.
Is there any npm config or workaround where consumers of package A can just npm install A or npm install -g A and optional dependencies will never be installed?
Thanks

npm install A --no-optional
Test to see if everything works.
npm list
Make sure you have no errors.
npm shrinkwrap
That will lock down the dependencies for the packages.
That way npm install will look into npm-shrinkwrap.json before trying to install dependencies.
You can read more about it here https://docs.npmjs.com/cli/shrinkwrap

Related

how to Include a npm package in my npm package

i am create a npm package and i want date-npm package for my npm package how to include this package to my npm package,any way?
If you’re just building an npm library then just include date lib in your package.json dependencies. Once a user installs your lib, then npm will take care of the rest.
Just execute
npm install date-npm
in your package.
Once your package is published, anyone installing your package, like:
npm install your-groovy-package-here
will have date-npm, as well as any other dependencies your package might have, installed along with it.

Using --ignore-scripts for one dependency in NPM

Following this question, NPM dependencies can be installed using:
$ npm install --ignore-scripts
Is there a way to mark that a dependency should be installed without running scripts in package.json?
This is because, when I run npm install --ignore-scripts, the dependency is added to package.json. As a result, other users will install the package while running scripts, however I want this certain package to never run scripts.
I could be wrong but I believe its: npm install -ignore-script package-name#version

How to npm install a module without installing peer dependencies

I am trying to npm install karma-jasmine and for some odd purpose only want to npm install that module and not karma. It install karma as well as it is defined as a peerDependency. Is it possible to not install peerDependency and how? I am using npm 1.4.28
This is my package.json
{"dependencies": {"karma-jasmine": "0.2.3"}}
Can you update to newer npm, let say version >=3 ? It does not install peerDependencies by default.

How to install a previous exact version of a NPM package?

I used nvm to download node v0.4.10 and installed npm to work with that version of node.
I am trying to install express using
npm install express -g
and I get an error that express requires node version >= 0.5.0.
Well, this is odd, since I am following the directions for a node+express+mongodb tutorial here that used node v0.4.10, so I am assuming express is/was available to node v0.4.10. If my assumption is correct, how do I tell npm to fetch a version that would work with my setup?
If you have to install an older version of a package, just specify it
npm install <package>#<version>
For example: npm install express#3.0.0
You can also add the --save flag to that command to add it to your package.json dependencies, or --save --save-exact flags if you want that exact version specified in your package.json dependencies.
The install command is documented here: https://docs.npmjs.com/cli/install
If you're not sure what versions of a package are available, you can use:
npm view <package> versions
And npm view can be used for viewing other things about a package too. https://docs.npmjs.com/cli/view
It's quite easy. Just write this, for example:
npm install -g npm#4.6.1
Or:
npm install -g npm#latest // For the last stable version
npm install -g npm#next // For the most recent release
First remove old version, then run literally the following:
npm install express#3.X
or
npm install express#4.X
and for stable or recent
npm install -g npm#latest // For the last stable version
npm install -g npm#next // For the most recent release
In my opinion that is easiest and fastest way:
$ npm -v
4.2.0
$ npm install -g npm#latest-3
...
$ npm -v
3.10.10
you can update your npm package by using this command:
npm install <package_name>#<version_number>
example:
npm install yargs#12.0.2
You can use the following command to install a previous version of an npm package:
npm install packagename#version
I have a general way to solve this type of problems, which could be helpful too, especially when cloning repositories to run them locally, but requires a little more analysis of the versions.
With the package npm-check-updates I verify the versions of the packages (according to the package.json file) that are not declared in their latest available versions, as shown in the figure (https://www.npmjs.com/package/npm-check-updates):
With this information we can verify the update status of the different packages and make decisions as to which packages to upgrade / degrade and which ones do not.
Assuming that we decided to update all the packages as they are listed, we can use the ncu -u command which only modifies your package.json file. Run npm install to update your installed packages and package-lock.json.
Then, depending on the requirements of the repository, we can refine what is needed, installing the specific versions with
npm view <package> versions and npm install <package>#<version>
The easiest way I found: add package name with the version in package.json and then run npm install
"next-seo": "^5.4.0",
"next-themes": "^0.1.1",
"nextjs-progressbar": "^0.0.14",
If you have to install an older version of a package, just specify it
npm install #
For example: npm install express#3.0.0
You can also add the --save flag to that command to add it to your package.json dependencies, or --save --save-exact flags if you want that exact version specified in your package.json dependencies.
The install command is documented here: https://docs.npmjs.com/cli/install
If you're not sure what versions of a package are available, you can use:
npm view versions
And npm view can be used for viewing other things about a package too. https://docs.npmjs.com/cli/view
Use npm config set save-exact=true if you want to install the exact version

npm install vs. update - what's the difference?

What is the practical difference between npm install and npm update? When should I use which?
The difference between npm install and npm update handling of package versions specified in package.json:
{
"name": "my-project",
"version": "1.0", // install update
"dependencies": { // ------------------
"already-installed-versionless-module": "*", // ignores "1.0" -> "1.1"
"already-installed-semver-module": "^1.4.3" // ignores "1.4.3" -> "1.5.2"
"already-installed-versioned-module": "3.4.1" // ignores ignores
"not-yet-installed-versionless-module": "*", // installs installs
"not-yet-installed-semver-module": "^4.2.1" // installs installs
"not-yet-installed-versioned-module": "2.7.8" // installs installs
}
}
Summary: The only big difference is that an already installed module with fuzzy versioning ...
gets ignored by npm install
gets updated by npm update
Additionally: install and update by default handle devDependencies differently
npm install will install/update devDependencies unless --production flag is added
npm update will ignore devDependencies unless --dev flag is added
Why use npm install at all?
Because npm install does more when you look besides handling your dependencies in package.json.
As you can see in npm install you can ...
manually install node-modules
set them as global (which puts them in the shell's PATH) using npm install -g <name>
install certain versions described by git tags
install from a git url
force a reinstall with --force
npm install installs all modules that are listed on package.json file and their dependencies.
npm update updates all packages in the node_modules directory and their dependencies.
npm install express installs only the express module and its dependencies.
npm update express updates express module (starting with npm#2.x, it doesn't update its dependencies).
So updates are for when you already have the module and wish to get the new version.
In most cases, this will install the latest version of the module published on npm.
npm install express --save
or better to upgrade module to latest version use:
npm install express#latest --save --force
--save: Package will appear in your dependencies.
More info: npm-install
npm update: install and update with latest node modules which are in package.json
npm install: install node modules which are defined in package.json(without update)
Many distinctions have already been mentioned. Here is one more:
Running npm install at the top of your source directory will run various scripts: prepublish, preinstall, install, postinstall. Depending on what these scripts do, a npm install may do considerably more work than just installing dependencies.
I've just had a use case where prepublish would call make and the Makefile was designed to fetch dependencies if the package.json got updated. Calling npm install from within the Makefile would have lead to an infinite recursion, while calling npm update worked just fine, installing all dependencies so that the build could proceed even if make was called directly.

Resources