Taking a look at package.json

Radouane Bahi
Nov 7, 2020

If you have worked with JavaScript, Node, React, etc. and used npm (Node Package Manager) at all, you may have noticed a file generated in the root of your project’s directory called package.json. Clicking into it will reveal a whole bunch of information about your current project like the name, description, author, and other metadata. Now of course, it’s common sense for information like that to be contained somewhere within the project, but there are also other things in package.json that let your project work with npm.

Node Package Manager

Before we even get into package.json, we need to know exactly what npm is. Node Package Manager is, as you may have guessed, a package manager for Node! Well then what’s a package manager?! A package manager is a tool for handling software packages. These software packages often come in the form of libraries you have most likely used before, such as Bootstrap, axios, React Router, etc. Although it’s called Node Package Manager, in reality you can use npm with all JavaScript projects. You normally access npm via your Command Line Interface, but you can also check out the website and search for packages that way. Installing a package via npm is as easy as literally typing npm install PackageNameHere.

Package.json

So onto this file now. As I’ve stated earlier, package.json contains metadata relating to your project like the name and author as well as version number and license documentation. Of course, this sort of information is important to anyone working on the project, but it is also important to npm itself. Let’s take a look at the package.json of a project I’m working on:

We can create our own scripts within the file to make things easier for us, too. For example, if I run npm run dev, I’m able to utilize the concurrently and nodemon libraries I have installed. We also have the link to our repository documented as well as the issues page.

We then finally have the dependencies and devDependencies. These are the libraries we’ve downloaded to use for our project. As you can see, dependencies contain the dotenv and express libraries. These are the same names you type into the CLI when wanting to download them, like npm install dotenv. devDependencies is the same thing as dependencies except they’re only to be used in the development environment for the project. This is typically where testing libraries are downloaded to.

Package-lock.json

You’re inevitably going to run into package-lock.json if you’ve seen package.json. Let’s take a look at it from my project:

The file is much, much bigger than this. As a matter of fact, it goes on like this to 1845 lines. What package-lock.json is for is simply to lock the version numbers of the dependencies in your project. This ensures that everyone is on the same page when working on the project if they clone it to their machines.
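As an added example (not code from the original post), the following Node script compares the dependencies declared in package.json with the versions pinned in package-lock.json and flags entries that are not locked, lack an integrity hash, or resolve from somewhere other than the public registry. The sample files, versions, hashes, the REGISTRY constant and the function names lockEntry and auditLock are constructed for illustration.

```javascript
// Constructed sample data: package names come from the article; versions,
// URLs and hashes are made up for this example.
const samplePackageJson = {
  dependencies: { dotenv: "^8.2.0", express: "^4.17.1" },
  devDependencies: { concurrently: "^5.3.0", nodemon: "^2.0.6" },
};
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    dotenv: { version: "8.2.0", integrity: "sha512-CONSTRUCTED",
      resolved: "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz" },
    express: { version: "4.17.1", // integrity hash deliberately missing
      resolved: "https://registry.npmjs.org/express/-/express-4.17.1.tgz" },
    concurrently: { version: "5.3.0", integrity: "sha512-CONSTRUCTED", dev: true,
      resolved: "https://mirror.example.invalid/concurrently-5.3.0.tgz" },
    // nodemon deliberately absent: declared in package.json but never locked
  },
};

// Assumption: the public npm registry is the only source you expect.
const REGISTRY = "https://registry.npmjs.org/";

// Lock files written by npm 7 and later key entries under "packages";
// older ones use a top-level "dependencies" map. Support both layouts.
function lockEntry(lock, name) {
  if (lock.packages) return lock.packages["node_modules/" + name];
  return (lock.dependencies || {})[name];
}

// Compare what package.json declares with what the lock file pins.
function auditLock(pkg, lock) {
  const declared = { ...pkg.dependencies, ...pkg.devDependencies };
  const pinned = {};
  const findings = [];
  for (const [name, range] of Object.entries(declared)) {
    const entry = lockEntry(lock, name);
    if (!entry) {
      findings.push({ name, issue: "not-locked", range });
      continue;
    }
    pinned[name] = entry.version; // exact version everyone will install
    if (!entry.integrity) findings.push({ name, issue: "no-integrity" });
    if (entry.resolved && !entry.resolved.startsWith(REGISTRY))
      findings.push({ name, issue: "unexpected-source", resolved: entry.resolved });
  }
  return { pinned, findings };
}

console.log(auditLock(samplePackageJson, sampleLock));
```

To run it against a real project, pass the parsed contents of the two files to auditLock in place of the constructed samples.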
