Tuts Bites

NPM Basics: Essential Commands Every Developer Should Know

If you're working with JavaScript or Node.js, you've probably heard of NPM (Node Package Manager). It's the world's largest software registry and an essential tool in every JavaScript developer's toolkit. But if you're just starting out, all those commands can feel a bit overwhelming. Don't worry—we're here to break it down in a friendly, easy-to-understand way!

What is NPM, Anyway?

Before we dive into the commands, let's quickly cover what NPM actually is. NPM is a package manager for JavaScript that helps you install, share, and manage dependencies in your projects. Think of it as an app store for code libraries and tools. Instead of manually downloading files and managing versions yourself, NPM does the heavy lifting for you.

NPM comes bundled with Node.js, so when you install Node.js on your computer, you automatically get NPM too. Pretty convenient, right?

Getting Started: npm init

Every NPM journey begins with npm init. This command creates a package.json file, which is basically the heart of your Node.js project. It contains metadata about your project and lists all the dependencies you'll use.

npm init

When you run this command, NPM will ask you a series of questions about your project: name, version, description, entry point, and more. If you're feeling lazy (we've all been there!), you can skip all the questions with:

npm init -y

The -y flag automatically says "yes" to all the prompts and creates a basic package.json with default values. You can always edit it later!

Installing Packages: npm install

Here's where the magic happens! The npm install command (often shortened to npm i) lets you add packages to your project.

Installing a Specific Package

To install a single package, just type:

npm install package-name

For example, to install the popular Express.js framework:

npm install express

This command does three things:

  1. Downloads the package from the NPM registry
  2. Adds it to your node_modules folder
  3. Records it in your package.json file under dependencies

Installing Multiple Packages

You can also install multiple packages at once:

npm install express mongoose dotenv

Installing as Development Dependencies

Some packages are only needed during development, not in production. For these, use the --save-dev or -D flag:

npm install --save-dev nodemon
npm install -D jest

These packages get listed under devDependencies in your package.json.

Installing Specific Versions

Sometimes you need a specific version of a package:

npm install express@4.17.1

Installing from package.json

When you clone a project from GitHub or receive code from a colleague, you'll have a package.json but no node_modules folder. Simply run:

npm install

This reads your package.json and installs all the listed dependencies. It's like magic!

Global Installations: npm install -g

Some tools need to be available system-wide, not just in one project. For these, use the -g (global) flag:

npm install -g nodemon
npm install -g create-react-app

Global packages can be used from any directory on your computer. However, use this sparingly—most packages should be installed locally to your project to avoid version conflicts.

Removing Packages: npm uninstall

Changed your mind about a package? No problem! Remove it with:

npm uninstall package-name

This removes the package from node_modules and your package.json. You can also use the shorthand:

npm un package-name

For global packages:

npm uninstall -g package-name

Updating Packages: npm update

Packages are constantly being improved with bug fixes and new features. To update your packages:

npm update

This updates all packages in your project to the latest version allowed by your package.json version ranges. To update a specific package:

npm update package-name

Checking for Outdated Packages: npm outdated

Want to see which packages have newer versions available?

npm outdated

This command shows you a nice table with the current version, wanted version (based on your version range), and latest version available. It's super helpful for keeping your dependencies fresh!
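How the version range decides the "wanted" column, as an added example that is not code from the original article or from npm itself. It handles only plain x.y.z versions with ^, ~ or an exact pin, treats "latest" as the highest published version, and uses a constructed version list.

```javascript
// Added example. Handles plain x.y.z versions with ^, ~ or an exact pin;
// pre-release tags and compound ranges are out of scope.
const parse = (v) => v.split('.').map(Number);

function compare(a, b) {
  const x = parse(a);
  const y = parse(b);
  for (let i = 0; i < 3; i++) {
    if (x[i] !== y[i]) return x[i] - y[i];
  }
  return 0;
}

// Exclusive upper bound implied by a caret or tilde range.
function upperBound(range) {
  const [major, minor, patch] = parse(range.slice(1));
  if (range[0] === '~') return `${major}.${minor + 1}.0`;
  // Caret: the left-most non-zero component must stay the same.
  if (major > 0) return `${major + 1}.0.0`;
  if (minor > 0) return `0.${minor + 1}.0`;
  return `0.0.${patch + 1}`;
}

function satisfies(version, range) {
  if (!/^[~^]/.test(range)) return compare(version, range) === 0;
  return compare(version, range.slice(1)) >= 0 &&
    compare(version, upperBound(range)) < 0;
}

// The "wanted" and "latest" columns of npm outdated for one dependency.
// Assumption: "latest" is taken as the highest published version.
function outdatedRow(range, published) {
  const sorted = [...published].sort(compare);
  const matching = sorted.filter((v) => satisfies(v, range));
  return {
    wanted: matching.length ? matching[matching.length - 1] : null,
    latest: sorted[sorted.length - 1],
  };
}

// Constructed version list, not taken from a real package.
const published = ['1.2.3', '1.2.9', '1.3.0', '1.9.4', '2.0.0'];
for (const range of ['1.2.3', '~1.2.3', '^1.2.3']) {
  console.log(range, outdatedRow(range, published));
}
console.log('^0.2.3 stops below', upperBound('^0.2.3'));
console.log('^0.0.3 stops below', upperBound('^0.0.3'));
```

A caret range on a 0.x version is much narrower than on 1.x, which is why ^0.2.3 never reaches 0.3.0.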

Running Scripts: npm run

One of NPM's coolest features is the ability to define custom scripts in your package.json. You can then run these scripts with:

npm run script-name

For example, if you have this in your package.json:

"scripts": {
  "dev": "nodemon server.js",
  "build": "webpack --mode production"
}

You can run:

npm run dev
npm run build

Special Scripts

Some script names are special and don't need the run keyword: npm start, npm test, and npm stop. These are shortcuts for npm run start, npm run test, and npm run stop.

Viewing Installed Packages: npm list

Curious about what packages you have installed? Use:

npm list

This shows all packages in a tree structure, including all dependencies of your dependencies. To see only top-level packages:

npm list --depth=0

For global packages:

npm list -g --depth=0

Security Scanning: npm audit

Security is important! NPM can automatically check your dependencies for known vulnerabilities:

npm audit

This scans your packages and shows any security issues. If fixes are available, you can automatically apply them with:

npm audit fix

For more aggressive fixes (which might include breaking changes):

npm audit fix --force
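Before reaching for --force, it helps to see which findings each command would actually resolve. The sketch below is an added example, not part of the original article: it sorts the findings of an npm audit --json report (field names as in the report format of npm 7 and later) by the fix they need and decides whether a build should fail. The function name triage, the failOn threshold and the sample report are assumptions made for illustration.

```javascript
// Added example. Field names follow the JSON report of npm 7 and later;
// package names and versions below are constructed placeholders.
const LEVELS = ['info', 'low', 'moderate', 'high', 'critical'];

// Sort findings by the command that resolves them and decide the CI result.
function triage(report, failOn = 'high') {
  const threshold = LEVELS.indexOf(failOn);
  const plan = { fix: [], force: [], manual: [], blocking: [] };
  for (const [name, vuln] of Object.entries(report.vulnerabilities || {})) {
    const fix = vuln.fixAvailable;
    if (fix === true) {
      plan.fix.push(name); // resolved by: npm audit fix
    } else if (fix) {
      // Object form: the fixed version is outside the declared range,
      // so only npm audit fix --force will install it.
      const note = fix.isSemVerMajor ? 'breaking' : 'outside range';
      plan.force.push(`${name} -> ${fix.name}@${fix.version} (${note})`);
    } else {
      plan.manual.push(name); // no fixed version published
    }
    if (LEVELS.indexOf(vuln.severity) >= threshold) plan.blocking.push(name);
  }
  plan.exitCode = plan.blocking.length > 0 ? 1 : 0;
  return plan;
}

// Constructed report, trimmed to the fields used above.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    'example-parser': { severity: 'moderate', fixAvailable: true },
    'example-http': {
      severity: 'high',
      fixAvailable: { name: 'example-framework', version: '5.0.0', isSemVerMajor: true },
    },
    'example-legacy': { severity: 'critical', fixAvailable: false },
  },
};

console.log(triage(sampleReport));
```

Entries under force are the ones to review by hand, because applying them changes a dependency beyond what package.json currently allows.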

Getting Package Information: npm view

Want to learn more about a package before installing it?

npm view package-name

This shows detailed information including description, versions, dependencies, and more. To see all available versions:

npm view package-name versions

Clearing the Cache: npm cache clean

Sometimes NPM's cache can cause issues. If you're experiencing weird problems, try clearing it:

npm cache clean --force

The --force flag is required because NPM really wants you to be sure about this!

Searching for Packages: npm search

Looking for a package but don't know its exact name?

npm search keyword

However, honestly, it's usually easier to search on npmjs.com directly in your browser where you can see descriptions, download stats, and more.

Publishing Your Own Package: npm publish

Once you've created something awesome, you can share it with the world:

npm publish

Just make sure you have an NPM account and are logged in with npm login first!

Version Management: npm version

Need to bump your package version? NPM makes it easy:

npm version patch  # 1.0.0 -> 1.0.1
npm version minor  # 1.0.0 -> 1.1.0
npm version major  # 1.0.0 -> 2.0.0

This automatically updates your package.json and creates a git tag if you're using git.

Pro Tips for NPM Success

Now that you know the commands, here are some tips to make your NPM experience even better:

  1. Use npx for one-time commands: Instead of installing packages globally, use npx to run them once. For example: npx create-react-app my-app

  2. Check your package.json regularly: It's the source of truth for your project. Make sure it's organized and up-to-date.

  3. Commit package-lock.json: This file ensures everyone on your team uses the exact same versions of dependencies. Always commit it to version control.

  4. Use semantic versioning wisely: Understand what ^1.2.3 vs ~1.2.3 means in your dependencies.

  5. Keep dependencies minimal: Only install what you actually need. Fewer dependencies mean fewer potential security issues and a faster installation process.
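For tip 3, a committed lockfile only helps if it actually pins what package.json declares. The check below is an added example, not code from the original article: it walks a parsed package-lock.json (the lockfileVersion 2/3 layout) and reports dependencies that are missing from the lock, lack an integrity hash, or were not resolved from the public registry. The function name checkLock, the REGISTRY constant and all sample packages are assumptions; a project using a private registry would change REGISTRY.

```javascript
// Added example. Layout follows package-lock.json lockfileVersion 2/3
// ("packages" keyed by install path); all names and hashes are constructed.
const REGISTRY = 'https://registry.npmjs.org/';

function checkLock(pkg, lock) {
  const problems = [];
  const packages = lock.packages || {};
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  for (const name of Object.keys(declared)) {
    if (!packages[`node_modules/${name}`]) {
      problems.push(`${name}: declared in package.json but not locked`);
    }
  }
  for (const [path, entry] of Object.entries(packages)) {
    if (path === '' || entry.link) continue; // root project, workspace links
    if (!entry.integrity) problems.push(`${path}: no integrity hash`);
    if (!String(entry.resolved || '').startsWith(REGISTRY)) {
      problems.push(`${path}: not resolved from ${REGISTRY}`);
    }
  }
  return problems;
}

const samplePkg = {
  dependencies: { 'example-web': '^4.1.0', 'example-util': '^1.0.0' },
  devDependencies: { 'example-test': '^2.0.0' },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/example-web': {
      version: '4.1.2',
      resolved: 'https://registry.npmjs.org/example-web/-/example-web-4.1.2.tgz',
      integrity: 'sha512-CONSTRUCTED-PLACEHOLDER',
    },
    'node_modules/example-util': {
      version: '1.0.3',
      resolved: 'http://mirror.example.test/example-util-1.0.3.tgz',
    },
  },
};

console.log(checkLock(samplePkg, sampleLock));
```

On build servers, npm ci installs strictly from the lockfile and fails when it disagrees with package.json, which enforces the same guarantee at install time.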

Wrapping Up

NPM might seem complex at first, but these basic commands will cover 90% of your daily needs. Start with npm init, install packages with npm install, run your scripts with npm run, and keep things secure with npm audit. Before you know it, these commands will become second nature!

Remember, the NPM documentation at docs.npmjs.com is always there if you need more details. And don't be afraid to experiment—that's the best way to learn!

Happy coding, and may your node_modules folder always be healthy! 🚀