NPM versioning and dependencies type

Saar Sery
Mar 1, 2021

In my journey looking for a developer job, I invest my free time in promoting myself and studying more topics. One of them is NPM, and I wish to share some of what I have learned.
This post is about NPM's versioning system, known as Semver, and about where to install your dependencies in ‘package.json’.

What is the motivation to write a package as an NPM package?

A node package that is written and used by multiple developers needs to be maintained so that many people can update it and the community can use it.
To accomplish that, developers need to understand each other's changes as easily as possible.

In NPM every package has a version, which is made up of three numbers: ‘Major.Minor.Patch’.

The ‘Patch’ number is for bug-fix updates.

If you want to add a new feature, the number to change depends on the type of feature. ‘Minor’ tells users that the new feature is still compatible with the previous version.
‘Major’ is for a non-compatible feature, but the emphasis of a Major version change is on incompatibility, not necessarily on new features.
A Major update is not only for non-compatible features, but also for an incompatible bug fix, or for a complete change of functionality, like removing old features.

So, updating your versions in package.json, or calling ‘npm install’, needs to be handled with caution.
When you install your dependencies using npm install, the installation process looks at the presence and type of special characters in the version strings under ‘dependencies’ and ‘devDependencies’ in package.json.
These characters determine the final version of the package installed in node_modules, meaning you can opt in to installing updated versions according to defined rules.

That is what the different syntax used in package.json is for:

If you need an exact version then you don’t need any special characters:

But if you only want to set a minimum version, and let anything above it be picked up on every initialization of your program, you have the general option of the greater-than (>) sign:

One moment! I just said that a Major version might not be compatible in the future. To eliminate this risk, you should allow only compatible changes to your versions. You must use the caret sign (^), which tells the installation to update only Minor and Patch versions:

To allow only Patch version updates, you need to add a tilde sign (~):
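The four range forms above decide which new releases an install is allowed to pull in, so here is an added example (not code from the original post) that implements them in a minimal matcher and resolves each range against a constructed release history of a hypothetical package. It goes one step beyond the text by covering 0.x versions, where the caret is narrower and only allows Patch updates. It assumes plain X.Y.Z versions and a single operator per range.

```javascript
// Parse a plain "X.Y.Z" version (assumption: no prerelease tags or x-ranges).
const parse = (v) => {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
};

// Returns <0, 0 or >0, comparing Major, then Minor, then Patch.
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

// Supports only the four forms from the text: "1.2.3", ">1.2.3", "^1.2.3", "~1.2.3".
function satisfies(version, range) {
  const v = parse(version);
  const op = /^[\^~>]/.test(range) ? range[0] : '=';
  const base = parse(op === '=' ? range : range.slice(1));
  if (op === '=') return cmp(v, base) === 0;
  if (op === '>') return cmp(v, base) > 0;
  let upper; // exclusive upper bound
  if (op === '~') upper = [base[0], base[1] + 1, 0];       // Patch updates only
  else if (base[0] > 0) upper = [base[0] + 1, 0, 0];       // ^1.2.3: below 2.0.0
  else if (base[1] > 0) upper = [0, base[1] + 1, 0];       // ^0.2.3: below 0.3.0
  else upper = [0, 0, base[2] + 1];                        // ^0.0.3: exactly 0.0.3
  return cmp(v, base) >= 0 && cmp(v, upper) < 0;
}

// Newest published version the range accepts
// (assumption: nothing else, such as a lockfile, pins the version).
function resolve(published, range) {
  const ok = published.filter((v) => satisfies(v, range));
  ok.sort((a, b) => cmp(parse(a), parse(b)));
  return ok.length ? ok[ok.length - 1] : null;
}

// Constructed release history of a hypothetical package.
const published = ['0.2.3', '0.2.7', '0.3.0', '1.2.3', '1.2.9', '1.4.0', '2.0.0'];

for (const range of ['1.2.3', '>1.2.3', '^1.2.3', '~1.2.3', '^0.2.3']) {
  console.log(range.padEnd(8), '->', resolve(published, range));
}
```

The `>` range is the only one that lets the Major release through, which is the incompatibility risk the caret is meant to remove.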

So much for versioning. Now let’s zoom out in our package.json file to our ‘dependencies’ and ‘devDependencies’.

Where should I put the packages, in the dependencies or in my development dependencies?
What happens if my package is installed by someone else?

To answer the first question, we should first ask ourselves whether this package is a ‘browser app’ or a ‘server app’.

A browser app is an app that is intended to run in a browser, like Google Chrome or Mozilla Firefox.

Simply put, it is a program that has at least one HTML file, like ‘Create-React-App’.

If you develop a server package, you don’t have any HTML files, only JavaScript files. Examples are ‘Express’ and ‘Axios’, or utilities like ‘Semver’.

It is important to note that browsers do not care about the ‘node_modules’ folder; the browser gets the JavaScript files in a bundle.

So, when writing a browser app, the browser will get both ‘dependencies’ and ‘devDependencies’ packages. It won’t matter where you install those packages.

If your program is a server program, it is written for use by other server apps or browser apps, and in this case it matters whether your packages are in ‘devDependencies’ or in ‘dependencies’, because when another app installs a server app, it won’t install the packages located in ‘devDependencies’. This also answers the second question.

I hope this article was informative to you.

Next article will be about JavaScript modules.
