npm

Usage

• What is pulling in a dep? npm ls selfsigned

Clearing Cache

• npm cache clean --force
• yarn cache clean

Development

Constraining Versions

https://docs.npmjs.com/about-semantic-versioning#using-semantic-versioning-to-specify-update-types-your-package-can-accept

• ~ means accept newer patch versions
• ^ means accept newer minor versions

Creating a Package

https://yarnpkg.com/lang/en/docs/cli/init/

$ yarn init package-name

Development

Referencing an unpublished package locally

https://yarnpkg.com/lang/en/docs/cli/add/

{
  "dependencies": {
    "foo": "file:../path/to/foo"
  }
}

Installing a package from git

$ yarn add user/repo#branch

Referencing a git commit, tag, or branch of a package

Publishing a package

https://docs.npmjs.com/cli/publish

$ npm publish

Overriding a published package with a local copy

• yarn link - https://yarnpkg.com/lang/en/docs/cli/link/ - does not work in Metro Bundler
• yalc for React Native CLI and Expo - https://github.com/whitecolor/yalc

Opening a package’s source to view it

Look in node_modules

Updating Dependencies

When you have a transitive dependency that you want to force to update without updating anything else in the lockfile, use the resolutions field in package.json:

"resolutions": { "fsevents": "1.2.13" }

(NOTE: this may only be valid with yarn, not npm)