Skip to content
HeyNode

How to Install NPM Packages

Through both a video and written tutorial, you’ll learn the difference between npm install and npm install <package>, where packages go, all about dependencies, and how to search for and choose Node Package Manager packages.

Installing packages and dependencies in Node is one of the most important tasks we accomplish using the npm Command Line Interface (CLI). Before an application can be run, you need to install all existing dependencies recorded in the application’s package.json file. You can also add new packages from npmjs.com as dependencies to the application by running npm install <package>. You can install packages as a local dependency for an application, as a devDependency, or globally (making them accessible from anywhere on your system).

In this tutorial we’ll:

  • Identify the difference between npm install and npm install <package>
  • Explain where packages go once they are installed
  • List different kinds of dependencies
  • Describe how to search for and choose npm packages

Goal

Install dependencies listed in package.json and add new dependencies from NPM.

Prerequisites

Watch: Install NPM packages

Installing dependencies from package.json

One of the core uses for the npm CLI is installing packages from npmjs.com. One of the most common ways you’ll interact with npm is through the npm install command.

The first thing you do after checking out a Node.js project for the first time is install all the dependencies listed in the project’s package.json file. This is an essential setup step before an application can be run. If you try to run an application before installing its dependencies, you’ll likely get an error message printed to the console like Error: Cannot find module and the application will crash.

To install a project’s dependencies, enter the application’s root folder, and run the following command:

Terminal window
npm install

You’ll see a progress bar as npm begin downloading the dependencies, and a node_modules/ folder will be created in the project’s root if one didn’t exist already. You should also see a package-lock.json was generated, if the project doesn’t have one already. Learn more about package-lock.json if you aren’t familiar with this important file.

Running npm install with no arguments reads the list of dependencies (and devDependencies) from the available package.json file, downloads the dependencies, and places them into the application’s node_modules/ folder. Once the dependencies are installed to the node_modules folder, they are able to found by the application.

Adding new dependencies

Besides installing existing dependencies for a project, you can use the npm install command to add new packages to an application. Once you have found a package on npmjs.com you would like to use, run npm install <package-name> where <package-name> is the name of the package you’d like to install.

For example, to install the popular Express server framework as a dependency you would enter:

Terminal window
npm install express

Note: Most npm commands have aliases you can use instead of typing the whole command. You may commonly see npm i used as an alias for npm install. The two are interchangeable and both do the exact same thing. Use whichever you prefer.

After running this command, you will see a progress bar as npm fetches the package. The package will be downloaded from NPM, installed to your node_modules/ folder, and your package.json’s dependencies field will be updated with the new dependency and installed version. You should also see your package-lock.json file update as well, which will happen whenever you add or update dependencies.

After running the above command your package.json might look like this, with express added as an entry to the dependencies field:

{
  "name": "my-project",
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "license": "ISC",
  "dependencies": {
    "express": "^4.16.4"
  }
}

Installing packages as devDependencies

When installing a package we can choose to record it in our package.json as an entry to dependencies or devDependencies. You can learn more about the difference between dependencies and devDependencies in our tutorial about package.json. In short, dependencies are used during production, and devDependencies are used only in development or during a build step.

By default, npm install <package> adds the package as an entry to your dependencies in package.json. Passing the flag --save-dev, or it’s alias -D, when installing a package will install it as a devDependency:

Terminal window
npm install --save-dev eslint

If you check your package.json afterwards, you should see the package added as an entry to devDependencies:

{
  "name": "my-project",
  "version": "1.0.0",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "license": "ISC",
  "dependencies": {
    "express": "^4.16.4"
  },
  "devDependencies": {
    "eslint": "^5.16.0"
  }
}

Installing packages globally

Thus far we have only installed packages locally. Meaning we installed them into the local node_modules/ folder for a particular project, so they can be used in the application (e.g. require('package-name')). But some packages distributed on NPM are meant to be used as standalone command line applications. These packages are intended to be run from a terminal, and not used directly in an application’s code like a local dependency would be. A good example of this is the create-react-app command line application, which is used to scaffold out a React project.

These types of packages which are intended to be used from the terminal are often installed globally. A globally installed package can be run from the command line, regardless of where you run the command from. This can be very useful, as there are lots of utilities and tools written in Node.js which can help us during development.

Install a package globally by passing the --global flag, or its alias -g:

Terminal window
npm install -g eslint

This will install eslint globally on your system, giving you access to run eslint from anywhere on the command line.

Global Package Location and EACCES Errors

Global packages aren’t added to a specific application as a dependency, but instead installed to a folder with other globally installed NPM packages. That folder should already be added to your PATH environment variable from when you first installed Node.js. You can check where your global node modules live by running:

Terminal window
npm root -g
> /Users/jon/.nvm/versions/node/v11.13.0/lib/node_modules

Your location is likely different from the above and that’s okay.

By default, npm will install global modules to a system folder. Typically /usr/local/lib/node_modules on Unix systems. There is a long-standing issue where users sometimes don’t have permission to write to that folder, and receive an EACCES error. The suggested fix is to use a tool like nvm (Node Version Manager) to manage your Node.js versions, which is how we recommend you install Node.js.

If you are using nvm to manage your Node.js versions, one important thing to note is that each version of Node.js you’ve installed with nvm will have its own global modules folder. Global modules installed with one version of Node.js won’t be accessible if you switch to a different version.

Recap

Installing dependencies is a core part of working with any Node.js project. The npm CLI’s npm install command helps us install a project’s dependencies listed in package.json, and install new packages as dependencies from the NPM registry. By passing flags like --save-dev or --global when installing packages, we can control how and where packages are installed. Global packages are tools we can run from the command line, and aren’t used as dependencies directly in an application. You can also use the commands npm i and npm install interchangeably as they are aliases of one another.

Further your understanding

  • How does the npx command function as an alternative to globally installing packages?
  • Why is it important that dependencies are recorded in package.json?

Additional resources