The package.json file is an essential component within the operation of NPM. This file plays a fundamental role as it stores the project’s data, its dependencies, custom scripts, and important metadata.
Among the functions of this file are:
Dependency Management: Using package.json allows you to manage the project’s dependencies
Reproducibility: The combination of the package.json file along with the package-lock.json file ensures you can reproduce a project (for example, to duplicate or copy to another machine)
Collaboration and Distribution: To share a package with other developers, simply providing the package.json file and the commands to install the dependencies will be sufficient
Basic Structure of package.json
The structure of the package.json file is in JSON format (JavaScript Object Notation). Therefore, it is very easy for a person to understand, and even to edit by hand without much difficulty.
The package.json file consists of several keys and values that define the project’s characteristics and dependencies. Let’s look at a simple example of a possible (invented) package.json file:
{ “name”: “curso-npm”, “version”: “1.0.0”, “description”: “Curso de NPM - Aprende a utilizar Node Package Manager”, “main”: “index.js”, “author”: “LuisLlamas.es”, “license”: “MIT”, “scripts”: { “start”: “node index.js”, “test”: “echo “No hay pruebas disponibles"" }, “dependencies”: { “express”: “^4.17.1”, “lodash”: “^4.17.21” }, “devDependencies”: { “nodemon”: “^2.0.12”, “eslint”: “^7.32.0” } }
Explanation of the main parts of the file:
| Attribute | Description | Example |
|---|---|---|
| name | Project name. | ”curso-npm” |
| version | Project version. | ”1.0.0” |
| description | Brief description of the project. | |
| main | Main file of the project, it’s the entry point when the module is imported. | ”index.js” |
| author | Name of the project author. | |
| license | Project license. | ”MIT” |
| scripts | Defines commands that can be executed using npm run script-name. | |
| dependencies | List of dependencies required for the project to work correctly in production. | ”express”, “lodash” |
| devDependencies | List of dependencies required only for development. | ”nodemon”, “eslint” |
Scripts
The scripts key allows you to define terminal commands that we can associate with a custom Alias, making it more convenient for us or our collaborators to use.
These Scripts can be executed using the command
npm run script_name
In the previous example we had two scripts with the Aliases start and test. In that case
startwould execute the “index.js” file with Node.jstestdisplays a message indicating that no tests are available.
These scripts can be used to perform tasks such as process automation, compilation, test execution, directory cleaning (among many other examples).
Dependencies and DevDependencies
The dependencies and devDependencies keys list the project’s dependencies. The difference between them is that
- dependencies are necessary for the program to work correctly in production
- devDependencies are only required during development.
Separating these dependencies is important to allow using tools only in the development phase, but avoiding unnecessary packages being included in the final application distribution (the “real” one).
For example, imagine you are using a library that helps you during development by highlighting syntax errors. You don’t want that library to be part of the final product. In that case, you would add it to devDependencies.
Package-lock
The package-lock.json file is a file that is automatically generated by NPM* in operations where it modifies the node_modules tree or the package.json file.
Its main function is to describe the exact dependency tree that was generated during an installation, allowing future installations to generate identical trees, regardless of intermediate dependency updates.
We should not manually edit the Package-lock file, it is an internal file used by NPM. Just get used to ignoring it 😉
