πŸ“ Tutorials

What is NPM? A Simple Explanation for Developers


NPM (Node Package Manager) is the package manager for JavaScript. It lets you install, share, and manage code libraries (called packages) that other people have written.

Instead of writing everything from scratch, you install a package:

npm install express

Now you have a web framework. Someone else wrote it, tested it, and maintains it. You just use it.

What’s a package?

A package is a reusable piece of code published to the npm registry (npmjs.com). There are over 2 million packages. Examples:

  • express — web framework
  • react — UI library
  • lodash — utility functions
  • axios — HTTP client
  • dotenv — load .env files

Key files

package.json — your project’s manifest. Lists dependencies, scripts, and metadata:

{
  "name": "my-app",
  "dependencies": {
    "express": "^4.18.0"
  },
  "devDependencies": {
    "jest": "^29.0.0"
  },
  "scripts": {
    "start": "node index.js",
    "test": "jest"
  }
}

package-lock.json — locks exact versions so every developer and CI server gets identical dependencies. Always commit this file.

node_modules/ — where packages are actually installed. Never commit this (add to .gitignore).
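
What package-lock.json records for each installed package, shown as an added example (not code from the original page): every entry under `packages` pins a version, a download URL (`resolved`) and a hash (`integrity`). The `auditLock` function, the sample data and the `left-helper` package name are hypothetical, and the single-registry policy is an assumption.

```javascript
// Added example: audit a parsed package.json against a parsed package-lock.json
// (lockfileVersion 2 or 3, which list installed packages under "packages").
const REGISTRY = "https://registry.npmjs.org/"; // assumption: only the public registry is expected

function auditLock(pkg, lock) {
  const findings = [];
  const locked = lock.packages || {};
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  // 1. Every declared dependency needs a pinned entry in the lock file.
  for (const name of Object.keys(declared)) {
    if (!locked["node_modules/" + name]) findings.push({ name, issue: "declared but not locked" });
  }
  // 2. Every locked package should carry a hash and come from the expected registry.
  for (const [path, entry] of Object.entries(locked)) {
    if (path === "" || entry.link || entry.inBundle) continue; // root, symlink, bundled
    const name = path.split("node_modules/").pop();
    if (!entry.integrity) findings.push({ name, issue: "no integrity hash" });
    if (!String(entry.resolved || "").startsWith(REGISTRY)) {
      findings.push({ name, issue: "resolved outside registry: " + entry.resolved });
    }
  }
  return findings;
}

// Constructed sample data; the integrity value is a placeholder, not a real hash.
const samplePkg = {
  dependencies: { express: "^4.18.0" },
  devDependencies: { jest: "^29.0.0" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app" },
    "node_modules/express": {
      version: "4.18.2",
      resolved: "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
      integrity: "sha512-PLACEHOLDER",
    },
    "node_modules/left-helper": { // hypothetical package, served from another host
      version: "1.0.0",
      resolved: "https://example.invalid/left-helper-1.0.0.tgz",
    },
  },
};

console.log(auditLock(samplePkg, sampleLock));
```

On a real project, pass in `JSON.parse` of both files. `npm ci` installs strictly from the lock file and fails when it disagrees with package.json.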

Essential commands

npm init -y              # Create package.json
npm install express      # Add a dependency
npm install jest -D      # Add a dev dependency
npm install              # Install all deps from package.json
npm run start            # Run the "start" script
npm run test             # Run the "test" script
npm update               # Update packages to latest allowed
npm outdated             # Show outdated packages
npm uninstall express    # Remove a package

dependencies vs. devDependencies

  • dependencies — needed to run your app (express, react)
  • devDependencies — only needed during development (jest, eslint, typescript)

npm install express        # → dependencies
npm install jest -D        # → devDependencies

npx — run without installing

npx create-react-app my-app   # Runs the package without installing globally
npx prettier --write .         # Run prettier once

NPM vs. alternatives

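| Tool | Speed   | Lock file         | Disk usage              |
|------|---------|-------------------|-------------------------|
| npm  | Good    | package-lock.json | Normal                  |
| pnpm | Fastest | pnpm-lock.yaml    | Smallest (shared store) |
| yarn | Fast    | yarn.lock         | Normal                  |
| bun  | Fastest | bun.lockb         | Normal                  |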

All use the same npm registry. You can switch between them freely.

For the full command reference, see the npm cheat sheet and pnpm cheat sheet.