What is NPM? A Beginner’s guide to NPM

By Jordan Pinski On June 23, 2018

NPM Node Package Manager

NPM, or Node Package Manager, was introduced in 2010 as the default package manager for Node.js. Its creator, Isaac Z. Schlueter, was apparently fed up with how terribly module packaging was done at the time and created NPM. It’s currently on version 6.1.0 as of May 24th, 2018.


What is a package manager?

A package manager does exactly what its name implies: it manages the required packages for your project. It does this by allowing you to define which packages, and which versions of those packages, your project requires.

NPM is primarily used to install and manage node packages in your project, but there are other uses. It consists of three parts: the Website, the Command Line Interface (CLI), and the Registry. I’ll explain what each part is used for below and how you can get started using it. If you’re not using NPM in 2018 you definitely should be (really there’s no excuse!). The breadth of packages that can be installed is amazing & the fact that most of the packages you’ll use are free and open source is even better.

To begin using NPM, go to Nodejs.org and download/install the recommended version of Node.js. This will install Node.js with NPM as a recommended feature. Detailed instructions can be found on npmjs.org here. If you’re on Windows I would recommend downloading NVM (Node Version Manager) for Windows as well, but this isn’t necessary and you can always install it later. NVM will allow you to easily install and switch between different versions of Node.js. This is useful if you need to work with projects requiring different versions of Node.js.


What is a node package?

A node package is a reusable piece of JavaScript that can be used in any project & is most often free to use. Generally you won’t need to modify a package to implement it in your project. If you think the package could be improved & the improvements could be useful for others you can contribute to the original source on GitHub and look for it to be implemented. If there’s a change you’d like to make that won’t be useful to others the best thing to do is fork the package and modify it.

To better understand what a package does, I’ll give you this example straight from the NPM documentation. Let’s say you want to use a QR scanner in your project. Rather than spending weeks developing one, you can search for a package on npmjs.com. If a package exists, you can add it to your project.


The Website

The website, npmjs.com, is used to browse and find node packages in the Registry. In the example above (QR scanner) you would simply start typing qr scanner in the search bar & results will appear that match your search term. I found QRCodeScanner which is described as the following: “This is a SIMPLE qr-code-scanner that will allow you to open the user’s camera, scan it and match a pattern or read the string out of the QR Code.” Perfect, if you needed this for a project you would’ve just saved weeks in development time.


The Command Line Interface (CLI)

The CLI is your way of installing node packages to your project. To begin using NPM in your project, navigate to the root directory in your project folder, open your terminal (command prompt in Windows) and run the following commands.

npm init – This will run a command line questionnaire to generate the package-lock.json and package.json files, which will list your project’s name, version, description, entry point, test command, git repository, keywords, author, and license. If you mess something up you can always change it later by editing the generated package.json file.

npm install PACKAGE-HERE – This will locally install the package you want and any of that package’s dependencies in a folder called node_modules. It will also modify your package.json and list the package and version as a dependency of your project.


The Registry

This is a database that contains all of the node packages created and submitted to NPM. There are over 600,000 packages available and over 3 billion downloads each week. That’s absolutely amazing. You do need to be careful when searching for a package. None of the packages submitted are vetted. This means a lot of packages could be low-quality code, insecure, or even malicious.
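
One way to act on that caution after an install, as an added example that is not from the original article or from npm itself: the JavaScript below takes your parsed package.json and the package.json of each package under node_modules, then reports version ranges, packages that arrived only as dependencies of others, and packages that declare install-time scripts. The reviewDependencies helper and every package name, version and script in the sample data are constructed for illustration.

```javascript
// Added example. Every package name, version and script here is constructed sample data.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// True for an exact version such as "2.0.1". Ranges such as "^1.4.0" (the form
// npm install writes by default) accept newer releases; package-lock.json is
// what records the exact release that was actually installed.
function isExactVersion(spec) {
  return /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/.test(spec);
}

// project: parsed package.json of your project.
// installed: parsed package.json of each package found under node_modules.
function reviewDependencies(project, installed) {
  const declared = new Map(
    Object.entries({ ...project.dependencies, ...project.devDependencies })
  );
  const findings = [];
  for (const [name, spec] of declared) {
    if (!isExactVersion(spec)) {
      findings.push({ package: name, issue: "version-range", detail: spec });
    }
  }
  for (const pkg of installed) {
    // Packages you never named arrive as dependencies of the ones you did.
    if (!declared.has(pkg.name)) {
      findings.push({ package: pkg.name, issue: "transitive", detail: pkg.version });
    }
    // These scripts are run by npm on your machine during installation.
    for (const hook of INSTALL_HOOKS) {
      const command = pkg.scripts && pkg.scripts[hook];
      if (command) {
        findings.push({ package: pkg.name, issue: "install-script", detail: `${hook}: ${command}` });
      }
    }
  }
  return findings;
}

const sampleProject = {
  name: "my-app",
  dependencies: { "qr-sample-scanner": "^1.4.0", "sample-pad": "2.0.1" },
};
const sampleInstalled = [
  { name: "qr-sample-scanner", version: "1.4.2", scripts: { test: "mocha" } },
  { name: "sample-native-helper", version: "0.3.0", scripts: { postinstall: "node setup.js" } },
  { name: "sample-pad", version: "2.0.1" },
];
console.table(reviewDependencies(sampleProject, sampleInstalled));
```

A finding is a prompt to read the package’s source before relying on it, not proof of a problem. npm’s `--ignore-scripts` option installs packages without running their install scripts.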

NPM isn’t the only package manager for Node.js. Many others exist, but if you’re just beginning you should stick with NPM until you feel comfortable learning a new package manager. It’s a great tool to add to your tool-belt as a JavaScript developer and definitely something your future self will thank you for learning.
