Installing Packages

Installing packages is the most common npm operation. Let's explore all the ways to add packages to your project.

Basic Installation

Install a package and add it to dependencies:

npm install lodash
# or shorthand
npm i lodash

This does three things:

1. Downloads the package to node_modules/
2. Adds it to dependencies in package.json
3. Updates package-lock.json

Installing Multiple Packages

Install several packages at once:

npm install express mongoose cors dotenv

Installation Flags

Save as Development Dependency

For packages only needed during development:

npm install jest --save-dev
# or shorthand
npm i jest -D

Install Exact Version

Prevent caret (^) in version:

npm install lodash --save-exact
# or
npm i lodash -E

Result: "lodash": "4.17.21" instead of "lodash": "^4.17.21"

Install Specific Version

npm install lodash@4.17.20
npm install react@18
npm install typescript@latest
npm install express@next

Install from Different Sources

# From GitHub
npm install github:user/repo

# From GitHub with tag/branch
npm install github:user/repo#v1.0.0

# From git URL
npm install git+https://github.com/user/repo.git

# From local path
npm install ../my-local-package

# From tarball URL
npm install https://example.com/package.tgz

Reinstalling Dependencies

Install all dependencies from package.json:

npm install
# or
npm i

This is typically run:

• After cloning a repository
• After pulling changes that modified package.json
• To restore a deleted node_modules folder

Clean Install

For CI/CD and production:

npm ci

npm ci differs from npm install:

npm install	npm ci
Updates package-lock.json	Uses package-lock.json exactly
May install different versions	Deterministic, reproducible
Slower	Faster
For development	For CI/CD

Viewing Installed Packages

# List top-level packages
npm list

# List all packages (including nested)
npm list --all

# List with depth limit
npm list --depth=1

# Find why a package is installed
npm explain lodash

Package Information

# View package details
npm view lodash

# View specific field
npm view lodash version
npm view lodash versions  # all versions
npm view lodash dependencies

# Open package homepage
npm home lodash

# Open package repository
npm repo lodash

Practice: Package Installation

Here's what your package.json might look like after installing packages:

The node_modules Directory

When you install packages, they go into node_modules/:

my-project/
├── node_modules/
│   ├── express/
│   ├── lodash/
│   └── ... (many more)
├── package.json
└── package-lock.json

Important:

• Never edit files in node_modules/
• Never commit node_modules/ to git
• Regenerate with npm install when needed

Common Installation Patterns

Web Application

npm init -y
npm install express cors helmet dotenv
npm install -D nodemon jest

React Project

npm create vite@latest my-app -- --template react
cd my-app
npm install axios react-router-dom
npm install -D vitest @testing-library/react

Node.js CLI Tool

npm init -y
npm install commander inquirer chalk
npm install -D typescript @types/node

Troubleshooting

Clear npm Cache

npm cache clean --force

Delete and Reinstall

rm -rf node_modules package-lock.json
npm install

Permission Errors

# Check npm config
npm config get prefix

# Use different prefix (for global installs)
npm config set prefix ~/.npm-global

Key Takeaways

1. npm install <pkg> adds to dependencies
2. npm install -D adds to devDependencies
3. npm ci for reproducible, fast installs
4. Never commit node_modules to version control
5. npm view to explore package details

What's Next?

Now let's understand the critical difference between dependencies and devDependencies.