What is Package.json?
package.json is a JSON file that Node Package Manager (npm) uses to set up a JavaScript project. In addition to project configuration, a package.json file gives a developer quick details about the project. The author, version, description, license, GitHub repository, dependencies, scripts, and some dependency configurations are all included in a single file for the developer to glance at. Oftentimes, before writing any code for a new project, developers start by creating a package.json file. If the developer intends to publish the project, a package.json file with a name and version is required in order to identify the unique project.
To create a package.json file, run the CLI command 'npm init' and follow the instructions. Basic output example:
The CLI will ask line-by-line for specifics about the project and when complete, will print out how the structure will look based on the inputs. Answering no to the confirmation at the end will abort the command.
This is a very basic package.json file. Let’s take a look at one used by the json-server package.
Okay…so what does that tell us?
Basic details up top
"scripts" allows you to write custom CLI automation scripts. For example, you may have a "start": "react-scripts start" key-value pair to start your React app. Short vid on scripts here
"dependencies" key-value pairs will pop up here as you run commands such as "npm install express --save". This tells the developer these dependencies are necessary for the app to run in production mode.
"devDependencies" key-value pairs list the dependencies the developer has installed as packages only used during development. For example, "jest" is a common testing framework for JS apps.
Take a look at the rest of the package.json file for json-server…
Indicated to the left are not only the package names (“pinst”, “server-ready”), but also their version numbers (“^2.1.1”, “^0.3.1”). Version numbers are important for the developer to know in order to avoid breaking an app by updating a package to a version no longer compatible with the existing code. Check out more details on versioning here.
* To get familiar with versioning syntax, practice writing semver here
I skipped a few key-value pairs that would still be good to brush up on. Check out the glossary of terms here
There is also the package-lock.json file, which you may have seen. It is generated automatically whenever an npm operation changes either the node_modules tree or the package.json file. The file records the dependency tree in a known-to-work state. It is strongly recommended that a developer include this file when pushing a project to a repository other developers will be working on. Problems may occur if npm install is run on a cloned project that doesn't have a package-lock.json file: npm install may retrieve an updated version of one of the dependencies that does not work with other dependencies or existing code. So package-lock.json ensures that the installed dependency versions are the same as the versions the developer used to create their functioning app.
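To make the relationship between version ranges and the lockfile concrete, here is an added example (not from the original post or the json-server project) that compares the ranges declared in a package.json with what a package-lock.json actually pins. The helper names auditDependencies and unpinned are hypothetical, and the demo-app data, express entry, locked versions and integrity strings are constructed; only "pinst" ^2.1.1 and "server-ready" ^0.3.1 come from the text above.

```javascript
// Added example: the sample data is constructed, not json-server's real files.
const pkg = {
  name: "demo-app",
  version: "1.0.0",
  dependencies: { express: "4.18.2" },
  devDependencies: { pinst: "^2.1.1", "server-ready": "^0.3.1" },
};

// Shape follows npm's lockfileVersion 2/3 "packages" map (keys are install paths).
const lock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/express": { version: "4.18.2", integrity: "sha512-CONSTRUCTED" },
    "node_modules/pinst": { version: "2.1.6", integrity: "sha512-CONSTRUCTED", dev: true },
    // "server-ready" is deliberately absent to show lockfile drift.
  },
};

// An exact version is MAJOR.MINOR.PATCH, optionally with a prerelease/build tag.
const EXACT = /^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.+-]+)?$/;

// Report, per declared dependency, how it is specified and what the lockfile pins.
function auditDependencies(pkgJson, lockJson) {
  const locked = (lockJson && lockJson.packages) || {};
  const report = [];
  for (const section of ["dependencies", "devDependencies"]) {
    for (const [name, range] of Object.entries(pkgJson[section] || {})) {
      const entry = locked[`node_modules/${name}`];
      const issues = [];
      if (!EXACT.test(range)) issues.push("floating-range");
      if (!entry) issues.push("not-in-lockfile");
      else if (!entry.integrity) issues.push("no-integrity-hash");
      report.push({ name, section, range, lockedVersion: entry ? entry.version : null, issues });
    }
  }
  return report;
}

// Names whose installed version would be decided at install time, not by the lockfile.
function unpinned(report) {
  return report
    .filter((r) => r.issues.includes("floating-range") && r.issues.includes("not-in-lockfile"))
    .map((r) => r.name);
}

console.log(auditDependencies(pkg, lock));
console.log("decided at install time:", unpinned(auditDependencies(pkg, lock)));
```

In a build pipeline, `npm ci` installs exactly what the lockfile records and fails when it disagrees with package.json, which is the enforcement counterpart to this report.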