NPM Install: A Developer's Guide to Dependency Management

A comprehensive, developer-focused guide to npm install, covering basic usage, package-lock.json, workspaces, CI workflows with npm ci, troubleshooting, and best practices for reliable, fast dependency installs.

Install Manual
Install Manual Team

According to Install Manual, npm install is the standard workflow to bring dependencies into a Node.js project. It reads package.json, resolves compatible versions, updates package-lock.json, and creates node_modules. Use --save-dev for dev dependencies, --global for system-wide tools, and npm ci for clean installations in CI pipelines. Commit the lockfile to guarantee reproducible builds.

What npm install does under the hood

According to Install Manual, npm install is the canonical entry point for adding dependencies to a Node.js project. It reads the project’s package.json, resolves version ranges, and writes a lockfile (package-lock.json) to lock transitive dependencies. This helps ensure that every environment installs the same dependency tree. Install Manual analysis shows npm install remains the standard workflow for most Node.js projects. The command creates a node_modules directory and populates it with the exact versions resolved during installation, ready for runtime.

Bash

# Basic install from an existing package.json in your project
npm install

JSON

{
  "name": "sample-app",
  "version": "1.0.0",
  "dependencies": {
    "express": "^4.18.1"
  }
}

What to expect: a populated node_modules folder, a populated package-lock.json, and a ready-to-run project. If you already have a node_modules directory, npm install will skip reinstalling unchanged packages and only bring in missing or updated ones.


Steps

Estimated time: 15-25 minutes

  1. Prepare the project

    Navigate to your project folder and ensure package.json exists. If not, initialize with npm init -y to create a basic manifest.

    Tip: Running npm init creates a baseline you can extend with dependencies.

  2. Install dependencies

    Run npm install to install all dependencies listed in package.json and generate a lockfile for reproducibility.

    Tip: If a module fails, check your network or registry configuration.

  3. Add new dependencies

    Use npm install <pkg> --save or npm install <pkg> --save-dev to add runtime vs dev dependencies.

    Tip: Remember to commit package-lock.json after changes.

  4. Verify installations

    List installed packages and verify versions with npm ls or node -e "console.log(require('./package.json').dependencies)".

    Tip: npm ls helps surface deduped or hoisted packages.

  5. Lockfile and CI

    In CI, prefer npm ci for deterministic installs using package-lock.json.

    Tip: Ensure the lockfile is committed to the repository.

  6. Optional: clean install

    Sometimes a clean slate helps: rm -rf node_modules && npm ci.

    Tip: This ensures a fresh, reproducible environment.

Pro Tip: Run npm ci in CI to guarantee deterministic installs from your lockfile.
Warning: Do not install production dependencies globally for project builds; prefer local scope and explicit versioning.
Note: Commit package-lock.json to source control to lock dependency trees across environments.
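
Added example (not from the original article and not npm's own code): a small Node.js review of a committed lockfile before CI runs npm ci. It flags drift between package.json and package-lock.json using a plain string comparison of ranges, a simplified stand-in for npm's own sync check, and flags locked packages that lack an integrity hash or resolve outside the expected registry. The function name, the registry constant, and the sample data are assumptions made for illustration.

```javascript
// Added example: review a lockfileVersion 2/3 package-lock.json ("packages" map).
const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies"];
const EXPECTED_REGISTRY = "https://registry.npmjs.org/"; // assumption: public registry

function checkLockfile(pkg, lock, registry = EXPECTED_REGISTRY) {
  const findings = [];
  const packages = lock.packages || {};
  const root = packages[""] || {};

  // 1. Drift: ranges in package.json should match the lockfile's root entry,
  //    and every direct dependency needs a locked node_modules entry.
  for (const field of DEP_FIELDS) {
    for (const [name, range] of Object.entries(pkg[field] || {})) {
      const lockedRange = (root[field] || {})[name];
      if (lockedRange !== range) {
        findings.push(`drift: ${name} is "${range}" in package.json, "${lockedRange}" in lockfile`);
      }
      if (!packages[`node_modules/${name}`]) {
        findings.push(`missing: ${name} has no locked entry`);
      }
    }
  }

  // 2. Provenance: each installed package should carry an integrity hash
  //    and resolve to the expected registry.
  for (const [path, entry] of Object.entries(packages)) {
    const installed = /(^|\/)node_modules\//.test(path);
    if (!installed || entry.link || entry.inBundle) continue; // root, workspaces, bundled
    if (!entry.integrity) findings.push(`no-integrity: ${path}`);
    if (!String(entry.resolved || "").startsWith(registry)) {
      findings.push(`unexpected-source: ${path} -> ${entry.resolved}`);
    }
  }
  return findings;
}

// Constructed sample data (not from a real project).
const samplePkg = { name: "sample-app", version: "1.0.0",
  dependencies: { express: "^4.18.1", "left-helper": "^1.0.0" } };
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "sample-app", version: "1.0.0", dependencies: { express: "^4.17.0" } },
  "node_modules/express": { version: "4.18.2",
    resolved: "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
    integrity: "sha512-CONSTRUCTED-PLACEHOLDER" },
  "node_modules/accepts": { version: "1.3.8",
    resolved: "http://mirror.example.invalid/accepts-1.3.8.tgz" }
}};

console.log(checkLockfile(samplePkg, sampleLock).join("\n"));
```

To run it on a real project, pass the parsed contents of package.json and package-lock.json and fail the pipeline when the returned list is not empty.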

Prerequisites

Required

  • A project directory with a package.json
  • A terminal or command prompt

Optional

  • Basic knowledge of package.json and semver

Keyboard Shortcuts

  • Copy command (Ctrl+C): Copy any npm command from the terminal
  • Paste command (Ctrl+V): Paste into the terminal or editor
  • Interrupt a running command (Ctrl+C): Stops npm install in progress
  • Clear the terminal (Ctrl+L): Clear screen to reduce clutter during installs
  • Search history (Ctrl+R): Find previous npm commands in your history

Got Questions?

What is the difference between npm install and npm ci?

npm install adds dependencies as specified in package.json and updates the lockfile. npm ci installs exactly the versions recorded in the lockfile; it does not pick up package.json changes and fails if the lockfile is out of date.

Use npm install to add or update dependencies; use npm ci in CI to get a clean, locked install.

Should I use npm install in production deployments?

In production, prefer npm ci to ensure deterministic installs. npm install can update package-lock.json and install newer versions if allowed by semver.

For production, stick with npm ci to avoid surprises during deployment.

What is package-lock.json and why is it important?

package-lock.json records the exact dependency tree resolved during npm install. It ensures reproducible installs across machines and environments, preventing drift when dependencies are updated.

The lockfile locks versions to guarantee consistent installs.

Can I install packages globally?

Global installs are for command-line tools, not project dependencies. Prefer local installs in your project and only use -g for tools you run from the terminal system-wide.

Global installs should be limited to essential tools only.

How do I update dependencies safely?

Use npm outdated to see available updates, then npm install <pkg>@<version> to pin specific versions. For CI, rely on the lockfile to reflect approved updates.

Check for updates, then install the exact versions you’ve tested.

Main Points

  • Install npm dependencies from package.json
  • Use npm ci for clean CI installs
  • Commit package-lock.json for reproducible builds
  • Use -D for dev dependencies
  • Avoid global installs for project scope
