npm
The default package manager for the Node.js JavaScript runtime environment.
Owned by GitHub (Microsoft), npm is integral to the modern web development ecosystem. It allows developers to install packages with a single command (npm install), handling complex version nesting and sub-dependencies. While alternatives like Yarn and pnpm exist, npm remains the industry standard due to its deep integration with the Node.js ecosystem and its massive community-driven registry.
graph LR
Center["npm"]:::main
Pre_nodejs["nodejs"]:::pre --> Center
click Pre_nodejs "/terms/nodejs"
Rel_yarn["yarn"]:::related -.-> Center
click Rel_yarn "/terms/yarn"
Rel_apt_get["apt-get"]:::related -.-> Center
click Rel_apt_get "/terms/apt-get"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 Explain Like I'm 5
🌍 Think of npm as a giant LEGO catalog for [JavaScript](/en/terms/javascript). Instead of building every part of your toy from scratch, you can look up what you need (like a 'wheel' or a 'motor') and npm will go get it for you and make sure it fits perfectly with your other pieces.
🤓 Expert Deep Dive
npm operates around the 'package.json' file, which defines project metadata and dependencies. It enforces 'Semantic Versioning' (MAJOR.MINOR.PATCH) to prevent breaking changes during updates. A critical feature is the 'package-lock.json', which ensures deterministic installs by locking the exact dependency graph. npm also provides powerful security features like 'npm audit' to identify known vulnerabilities in the dependency tree.