Skip to main content

What is npm?

npm (Node Package Manager) is JavaScript’s package manager. It installs libraries, manages dependencies, and runs project scripts. It came bundled with Node.js when you installed it. If you’ve used pip in Python, npm is the same idea:

package.json

Every JavaScript project has a package.json file. It describes your project and lists its dependencies — like a requirements.txt with extra features.
package.json
The key sections:
  • name and version — project identity
  • scripts — commands you can run with npm run <name>
  • dependencies — packages your app needs to run
  • devDependencies — packages you only need during development (linters, formatters, test tools)

Installing packages

When you run npm install, two things happen:
  1. The package code downloads into a node_modules/ folder
  2. The package name and version are added to package.json
Never commit node_modules/ to git. It can contain hundreds of megabytes of files. Add it to .gitignore and let each developer run npm install to download their own copy.

Running scripts

The scripts section in package.json lets you define shortcut commands:
When you see instructions like “run npm run dev” in a project’s README, they’re referring to a script defined in package.json. Check the scripts section to see what command it actually runs.

package-lock.json

When you install packages, npm also creates a package-lock.json file. This locks the exact versions of every package and sub-dependency so that everyone on your team gets identical installs.
  • Do commit package-lock.json to git
  • Don’t edit it manually — npm manages it for you
package-lock.json is like a more detailed version of pip freeze > requirements.txt. It ensures reproducible installs across different machines.

What’s next?

You know how npm works. Let’s put it all together and set up a proper JavaScript project from scratch.

Project setup

Initialize a JavaScript project and configure the basics