I see instructions to install a package with either
npm install <package_name>
or
npm install <package_name> --save
or
npm install <package_name> --save-dev
What is the difference between these options?
Updated, 2019:
Since this question was asked there was a change to npm, such that --save has become the default option, so you do not need to use --save to update the dependencies.
Original Answer:
npm install <package_name> --save installs the package and updates the dependencies in your package.json.
npm install <package_name> --no-save installs the package but does not update the dependencies as listed in your package.json.
npm install <package_name> ---save-dev updates the devDependencies in your package. These are only used for local testing and development.
You can read more at https://docs.npmjs.com/getting-started/using-a-package.json.
npm install takes 3 exclusive, optional flags which save or update the package version in your main package.json:
-S, --save: Package will appear in your dependencies.
-D, --save-dev: Package will appear in your devDependencies.
-O, --save-optional: Package will appear in your optionalDependencies.
When using any of the above options to save dependencies to your package.json, there is an additional, optional flag:
-E, --save-exact: Saved dependencies will be configured with an exact version rather than using npm's default semver range operator.
Further, if you have an npm-shrinkwrap.json then it will be updated as well.
<scope> is optional. The package will be downloaded from the registry associated with the specified scope. If no registry is associated with the given scope the default registry is assumed. See npm-scope.
Note: if you do not include the #-symbol on your scope name, npm will interpret this as a GitHub repository instead, see below. Scopes names must also be followed by a slash.
Examples:
npm install sax --save
npm install githubname/reponame
npm install #myorg/privatepackage
npm install node-tap --save-dev
npm install dtrace-provider --save-optional
npm install readable-stream --save --save-exact
Note: If there is a file or folder named <name> in the current working directory, then it will try to install that, and only try to fetch the package by name if it is not valid.
(from official docs) https://docs.npmjs.com/cli/install
The --save flag no longer serves a purpose.
Previously, as the other answers noted, the --save flag would update the dependencies in the project's package.json file, but npm install now includes this functionality by default.
At this point if you want to prevent npm install from saving dependencies, you have to use the --no-save flag.
Thanks to Coruscate5 for mentioning this in their comment.
More info in the npm-install documentation:
npm install saves any specified packages into dependencies by default. Additionally, you can control where and how they get saved with some additional flags:
-P, --save-prod: Package will appear in your dependencies. This is the default unless -D or -O are present.
-D, --save-dev: Package will appear in your devDependencies.
-O, --save-optional: Package will appear in your optionalDependencies.
--no-save: Prevents saving to dependencies.
When using any of the above options to save dependencies to your package.json, there are two additional, optional flags:
-E, --save-exact: Saved dependencies will be configured with an exact version rather than using npm’s default semver range operator.
-B, --save-bundle: Saved dependencies will also be added to your bundleDependencies list.
Related
There are some packages that I'd like to skip on build definition. I was wondering if there's any way to skip any specific npm packages on the build definition on ADO?
For example, if I want to ignore the npm package of #microsoft/applicationinsights-common, can I do something like below in the npm
install --ignore #microsoft/applicationinsights-common
There is no possiblity to ignore one specific npm package using npm install.
If you want to skip such npm packages, that are only needed for development, than in package.json move the development specific dependencies to devDependencies and use npm install --production command to install the packages that are defined in dependencies.
"npm uninstall packageName" removes the package and also updates the package.json file.
But from the npm doc -
To remove a package from the dependencies in package.json, use the --save flag. Include the scope if the package is scoped.
Can somebody clarify what --save flag actually does?
--save flag indicates that module record will be removed from package.json.
By default, if you call uninstall command without arguments, npm will remove the module record from package.json as well as module folder from node_modules. In the previous versions of npm you should have specified the flag explicitly.
npmjs docs:
npm uninstall takes 3 exclusive, optional flags which save or update the package version in your main package.json:
-S, --save: Package will be removed from your dependencies.
-D, --save-dev: Package will be removed from your devDependencies.
-O, --save-optional: Package will be removed from your optionalDependencies.
--no-save: Package will not be removed from your package.json file.
What happens differently when you go into your package.json and paste a package name in and do npm i vs. doing it the real npm i package-name?
package.json:
"dep": 1.0.0
vs
npm i dep --save
We have a build error and learned can bypass it by pasting. I know it isn't kosher but I really want to know why and what consequences that causes?
npm install dep doesn't add the dependency to the package.json file.
You have to add --save or --save-dev to add it to the package.json file.
Besides that, npm install will always serve you the latest build (in most cases the version tagged as latest (see npm docs)), unless you specify a specific version.
If you want your lock file to update, you have to delete the file before running npm install to generate a lock file with the dependency included (for more info check out this GitHub issue)
In conclussion it shouldn't make much of a difference if you manually add the dependency to package.json file and install it with npm install, unless the latest version of your dependency is broken.
I'm following steps from updating global packages, so I executed npm outdated -g --depth=0 and got:
Package Current Wanted Latest Location
typescript 2.2.2 2.2.2 2.4.1
Then, I executed npm update -g, but I still got the same output from npm outdated -g --depth=0.
Executing npm list -g --depth=0 also confirms that the typescript package has not been updated to 2.4.1:
+-- bower#1.8.0
+-- gulp#3.9.1
+-- typescript#2.2.2
`-- typings#2.1.1
What am I missing?
You will have to either use this script or do them one by one it seems.
This global update is a known breaking point.
Here is the reference to this issue. They seem to have closed it without addressing the issue
You can also install specific version:
npm install -g typescript#2.4.1
As of now, there is no one simple command that does this.
You can use the following steps instead to find outdated packages and update them one by one.
Determining which global packages need updating: To see which global packages need to be updated, on the command line, run:
npm outdated -g --depth=0
Updating a single global package: To update a single global package, on the command line, run:
npm update -g <package_name>
To automatically update all global packages to the 'Latest' version in a single command:
npx npm-check --global --update-all
That will update all global packages to the 'Latest' version. More information is available about npm-check, including the ability to perform an interactive update, exclude packages, etc.
Conversely, npm update -g only updates global packages to the 'Wanted' version shown by npm outdated --global, as globally installed packages are treated as if they are installed with a caret semver range specified.
Lastly, if you happen to want to update (install) a package to a version other than 'Latest' or 'Wanted':
npm install --global <pkg>#<version>
What does the command npm install -g (no arguments) do? I opened npm docs but didn't get it:
In global mode (ie, with -g or --global appended to the command), it installs the current package context (ie, the current working directory) as a global package.
What does it mean?
What it means is that whatever project currently in, npm will take the dependencies from the package.json in your current project folder and then install those dependencies globally.