Package Manager

npm

version

• major
• minor
• patch
• prerelease
  • alpha: WIP, unstable
  • beta: features completed but with unknown bugs
  • rc: ready to release

Suppose the current version is 1.2.3, there are many ways to update the version.

# 2.0.0
npm version major

# 1.3.0
npm version minor

# 1.2.4
npm version patch

# specific version
npm version <version>

# 1.2.4-0
npm version prerelease -m "update %s" --no-git-tag-version


# 1.2.3-alpha.0, => 1.2.3-alpha.1
npm version prerelease --preid=alpha

tag

By default, npm publish will tag your package with the latest tag.

# add tags to the existed pkg
npm <yourtag> add <pkg>@<version>

npm publish --tag beta

npm install somepkg@beta

link

npm link can be used to debug your local package that is still developing. Suppose your project relies on the developing package pkgA as shown below.

- project
  - node_modules
  	- pkgA

To debug pkgA, we follow th following steps

~ cd pkgA
~ npm link

~ cd project
~ npm link pkgA

When you are done, you can remove local dependency using npm unlink

cd project
npm unlink pkgA

You can also opt to remove the global link

cd pkgA
npm uninstall pkgA -g

npmrc

This is the npm config file, which can be used to update the global or user-level config files. There are four relevant files

• project-related file (path-to-project/.npmrc)
• user-level config file (~/.npmrc)
• the global config file ($PREFIX/etc/.npmrc)
• the built-in config file

To access the the user-level config file, you can run

npm config get userconfig

Likewise, to access the the global config file, run this command,

npm config get prefix

How to use it? One of the useful settings is registry. For example, we can set the default registry for our project to speed up the download progress.

cd project
touch .npmrc

Then specify your registry in .npmrc

registry=https://registry.npm.taobao.org/

If you have multiple project, you can also set the user-level or global config file

npm config set registry https://registry.npm.taobao.org/ [-g]

To remove the configuration, you just need to specify the key and delete it

npm config delete <key>

yarn

lock

yarn is another widely used package manager. When running yarn install, the file yarn.lock will be created.

So, what’s the use of this file? As its name suggests, yarn.lock will lock down the versions of dependencies specified in the package.json, which ensures that everyone in a team has the same dependencies.

upgrade

Wait, how to upgrade versions of dependencies? Simply run yarn upgrade.

But this command can only upgrade versions between specified version range. If you need the latest version ignoring the specified version range, run yarn upgrade --latest.

pnpm

npx

nrm

install

npm install nrm -g
nrm ls

add your own registry

nrm add localnpm http://localhost:4873/
nrm use localnpm

remove

nrm del localnpm

References

• publish-pkgs-docs
• package.json