Script Valley
Node.js: The Complete Runtime
The Node.js Runtime ExplainedLesson 1.4

npm and package.json: managing Node.js dependencies

npm init, package.json fields, dependencies vs devDependencies, package-lock.json, semantic versioning, npm scripts, npx

package.json Is Your Project Contract

Every Node.js project starts with package.json. It declares the project name, version, entry point, run scripts, and all dependencies with their required versions.

npm init -y
npm install express
npm install jest --save-dev
npm install  // installs from package.json

Semantic Versioning

npm uses semver: MAJOR.MINOR.PATCH. The prefix controls what updates are auto-installed:

"express": "^4.18.2"  // allow minor and patch updates
"express": "~4.18.2"  // allow patch updates only
"express": "4.18.2"   // exact version pinned

npm Scripts

The scripts field lets you define project commands:

{
  "scripts": {
    "start": "node src/index.js",
    "dev": "nodemon src/index.js",
    "test": "jest"
  }
}

Run them with npm run dev. The start and test scripts are special — they run with just npm start or npm test. Use npx to run a package binary without installing it globally: npx create-react-app my-app.

Up next

Node.js built-in globals and useful CLI flags

Sign in to track progress