Npm Cheat Sheet

  1. Npm Cheat Sheet Printable
  2. Npm Cheat Sheets
  3. Npm Yarn Cheat Sheet
  4. Npm Cheat Sheet Pdf

The final entry in our npm cheat sheet is a command we find ourselves using time and again. Npm search searches package metadata for all files in the registry matching the search terms supplied. Tags like -exclude and -searchopts can be used to constrain results, and RegEx terms are indicated with a / at the beginning of a term. React Cheat Sheet. Thanks for wanting to contribute. I hope your experience is pretty painless. Contributing Setup Clone the and setup the project. Cheat Sheet: 10 npm Security Best Practices A local private registry such as Verdaccio will give you an extra layer of security, enabling you: Don’t let vulnerabilities in your project dependencies reduce the security of your application. Make sure to: Publicly disclosed security vulnerabilities without prior warning.

For the full table of contents see below, but first here is a quick cheatsheet of several npm commands:

Installing npm back to top

Update npm

There are several ways you can update npm.


Search for npm packages

Protip:Try searching via the browser with

View details of a npm package

Installing a npm package locally back to top

For the purpose of this demo, we will use http-server.

http-server is a package we’ve written which provides an easy to use wrapper around node’s core http.Server class. This module makes for a good example, since it’s API provides both a CLI binary and a requirable node.js module.

This performs a local install of http-server in our current working directory

You may also notice a new node_modules/ folder. You can ignore this for now.

Installing a npm package into an application

run script

Notice how we: require('http-server')? What kind of wizardry is this?

http-server is not the name of a native node.js module. It’s the name of the package we just installed from npm. node and npm are smart enough to automatically load modules from our local node_modules/ folder.

Understanding Global versus Local installs in npm back to top

By default, npm will install all packages into the local directory you are working in. This is a good thing. It can however, be slightly confusing if you have worked with inferior package management systems in the past.

For example, if we:


and then run the script…

we’ll get this error:

This is logical, we installed http-serverlocally into '/mynewapp/', not in '/anotherapp/'.

There are two direct solutions to fix this:

a) Install the package again, but locally into our new application

b) Install the package globally

Global Package Installation back to top

Npm Cheat Sheet Printable

If you want to have a package available globally use:

The -g flag will indicate that http-server should be installed globally, and be available for all node scripts to require.

Now, we can require('http-server') in any node script on our system.

In addition, since the http-server package has specified a bin property, it will also install a binary script called http-server globally.

Now you can simply run the command:

Uninstalling a package locally

Uninstalling a package globally

Installing a specific version of a package back to top

Npm Cheat Sheet

Cloning a module from Github

This is important. In some cases, there will be patches, forks, or branches that we will want to use for our module, but have not yet been published to npm. Thankfully, the source code for most npm modules is also available on

Our cloned version of http-server is now linked locally

Linking any npm package locally

If you have a local directory containing an npm package, you can link this package locally. This is good for development purposes and for situations when we do not want to publish our package to the public npm repository.

Our local version of http-server is “linked” on our local machine

Linking local npm packages to multiple applications back to top

As we’ve seen before, npm will install packages into the local directory by default. npm link works pretty much the same way. Markdown site.

This indicates that we’ve now linked http-server into our new application newapp. If we had not run npm link http-server we would have gotten a missing module error

Unlinking a npm package from an application

Npm Cheat Sheets

Unlinking a npm package from your system

Npm Yarn Cheat Sheet

Create a new npm package

Creating a new user account on npm

Publishing a npm package back to top

Unpublishing a npm package

Managing owners of packages

If you want multiple users to be able to publish to the same package:

Npm Cheat Sheet Pdf

For additional information on the package.json format and npm best practices, check out Charlie Robbin’s article: