If you want to ship your code from local to test or production environment, you don’t have to bundle the dependent modules along with your code. You can define all the dependent modules along with their versions in package.json file.
// File name: package.json
{
"name": "project1",
"version": "0.1.0",
"dependencies": {
"express": "4.16.3"
}
}Once you do this, npm takes care of downloading and installing the modules mentioned the package.json wherever you want to install your application with below command.
npm installAddition to the modules mentioned in package.json, npm also install transitive dependencies too, that is, dependent modules of your application dependencies. You can find these dependencies in package-lock.json file.
Semantic Versioning
npm uses semantic versioning for all of its modules.
"express": "4.16.3"In our package.json file, we have listed module express as our dependency. We specifically wanted 4.16.3 version of express module. Here 4 is major version, 16 is minor version and 3 is patch version. Either of these versions will be incremented when there is a change release.
Patch release
Patch release doesn’t introduce significant change to module. It may include some bug fixes. So even if you upgrade this module in your application, it will not break anything, that means it is backward compatible.
Minor release
Minor release might introduce new features to the module. So, here too, nothing breaks if you upgrade this module in your application as this release too is backward compatible.
Major release
Major release might make a significant change to the module. It may break your application if you upgrade to it. So, you have to be cautious and read the documentation before attempting for this migration.
Versioning using Ranges
To use latest available versions, you may include version ranges.
| Version Range | Installs any latest available version between |
|---|---|
"express": "~4" | >=4.0.0 and <5.0.0 |
"express": "~4.16" | >=4.16.0 and <4.17.0 |
"express": "~4.16.3" | >=4.16.3 and <4.17.0 |