The package.json file is an essential component within the functioning of NPM. This file plays a fundamental role as it stores project data, its dependencies, custom scripts, and important metadata.
Among the functions of this file are:
Dependency management: Using package.json allows managing the project’s dependencies.
Reproducibility: The combination of the package.json file along with the package-lock.json file ensures that you can reproduce a project (for example, to duplicate, copy to another machine).
Collaboration and distribution: To share a package with other developers, simply providing the package.json file and the commands to install the dependencies will be sufficient.
Basic structure of package.json
The structure of the package.json
file is in JSON format (JavaScript Object Notation). Therefore, it is very easy for a person to understand, and even edit it manually without too much difficulty.
The package.json
file consists of several keys and values that define the characteristics and dependencies of the project. Let’s look at a simple example of a possible (made up) package.json
file:
{
"name": "curso-npm",
"version": "1.0.0",
"description": "Curso de NPM - Aprende a utilizar Node Package Manager",
"main": "index.js",
"author": "LuisLlamas.es",
"license": "MIT",
"scripts": {
"start": "node index.js",
"test": "echo \"No tests available\""
},
"dependencies": {
"express": "^4.17.1",
"lodash": "^4.17.21"
},
"devDependencies": {
"nodemon": "^2.0.12",
"eslint": "^7.32.0"
}
}
Explanation of the main parts of the file:
Attribute | Description | Example |
---|---|---|
name | Name of the project. | “curso-npm” |
version | Version of the project. | “1.0.0” |
description | Brief description of the project. | |
main | Main file of the project, it is the entry point when importing the module. | “index.js” |
author | Name of the project author. | |
license | License of the project. | “MIT” |
scripts | Defines commands that can be executed using npm run script-name . | |
dependencies | List of dependencies required for the project to function correctly in production. | “express”, “lodash” |
devDependencies | List of dependencies required only for development. | “nodemon”, “eslint” |
Scripts
The scripts key allows defining terminal commands that we can associate with a custom Alias, making it more convenient for us or our collaborators to use.
These scripts can be executed using the command
npm run script_name
In the previous example, we had two scripts with Aliases start
and test
. In that case
start
would execute the “index.js” file with Node.jstest
displays a message indicating that no tests are available.
These scripts can be used to perform tasks such as process automation, compilation, running tests, cleaning directories (among many other examples).
Dependencies and DevDependencies
The dependencies and devDependencies keys list the project’s dependencies. The difference between the two is that
- dependencies are necessary for the program to function correctly in production.
- devDependencies are only required during development.
Separating these dependencies is important to allow using tools only in the development phase, while avoiding the inclusion of unnecessary packages in the distribution of the final application (the “real” one).
For example, imagine that you are using a library that helps you during development by highlighting syntax errors. You do not want that library to be part of the final product. In that case, you would add it to devDependencies.
Package-lock
The package-lock.json
file is a file that is automatically generated by NPM* during operations that modify the node_modules
tree or the package.json
file.
Its main function is to describe the exact dependency tree that was generated during an installation, allowing future installations to generate identical trees, regardless of intermediate updates to the dependencies.
We should not manually touch the Package-lock file, it is an internal file used by NPM. Just get used to ignoring it 😉