Global installation and local installation
Concepts of Global and Local Installation
Node.js's package manager npm provides two installation methods: global installation and local installation. Globally installed packages are placed in a system-specific directory and can typically be used directly from the command line. Locally installed packages are placed in the node_modules folder within the project directory and can only be used in the current project.
# Example of global installation
npm install -g typescript
# Example of local installation
npm install lodash
Characteristics of Global Installation
Globally installed packages are usually command-line tools, such as create-react-app, vue-cli, etc. These tools need to be runnable from anywhere, making them suitable for global installation.
# Globally install create-react-app
npm install -g create-react-app
# Use the globally installed tool
create-react-app my-app
Globally installed packages are placed in a system-specific directory. You can check the global installation location with the following command:
npm root -g
The advantage of global installation is convenience, but the downside is potential version conflicts. If different projects require different versions of a global tool, issues may arise.
Characteristics of Local Installation
Locally installed packages are typically libraries that a project depends on, such as react, vue, lodash, etc. These libraries are only needed within the current project, making them suitable for local installation.
# Locally install react
npm install react
Locally installed packages are placed in the node_modules folder within the project directory. These dependencies can be managed via the package.json file:
{
"dependencies": {
"react": "^18.2.0"
}
}
The advantage of local installation is version isolation, allowing each project to use different versions of a library. The downside is that they must be reinstalled for each project and cannot be used directly from the command line.
Comparison of Global and Local Installation
| Feature | Global Installation | Local Installation |
|---|---|---|
| Installation Location | System directory | node_modules in the project directory |
| Scope of Use | Globally available | Only available in the current project |
| Use Case | Command-line tools | Project dependency libraries |
| Version Management | Prone to conflicts | Version isolation |
Mixed Usage Scenarios
Some packages can be installed either globally or locally, depending on the use case. For example, typescript:
# Globally install typescript (for command-line use)
npm install -g typescript
# Locally install typescript (as a project dependency)
npm install typescript --save-dev
In a project, you can use both globally and locally installed packages. For example, in package.json:
{
"scripts": {
"build": "tsc"
},
"devDependencies": {
"typescript": "^4.9.5"
}
}
The Role of npx
npx is a tool introduced in npm 5.2.0 that allows temporary installation and execution of packages, avoiding the pollution of global installation.
# Use npx to run create-react-app
npx create-react-app my-app
npx first checks if the package is installed locally. If not, it downloads the package temporarily from npm, uses it, and then removes it.
Best Practices Recommendations
- Command-line tools can be installed globally, but version management should be considered.
- Project dependencies must be installed locally to ensure version consistency.
- For one-time-use tools, prioritize using npx.
- In team projects, all dependency versions should be explicitly specified in
package.json.
{
"name": "my-project",
"version": "1.0.0",
"dependencies": {
"lodash": "^4.17.21"
},
"devDependencies": {
"jest": "^29.3.1"
}
}
Common Issue Resolution
When encountering a "command not found" error, possible causes include:
- The package is not installed globally.
- The global installation directory is not in the PATH environment variable.
- The package name is misspelled.
You can check globally installed packages with the following command:
npm list -g --depth=0
Version Management Tools
For scenarios requiring multiple versions of global tools, consider using version management tools:
- nvm (Node Version Manager)
- n (Node version management tool)
# Use nvm to install a specific Node version
nvm install 14.17.0
nvm use 14.17.0
Precise Control of Project Dependencies
In team collaboration, to ensure all developers use the same dependency versions, you can use package-lock.json or yarn.lock files.
# Generate package-lock.json
npm install
# Use yarn to generate yarn.lock
yarn install
These lock files record the exact versions of each dependency, ensuring the same dependency tree is installed across different environments.
Choosing Dependency Types
npm supports multiple types of dependencies:
{
"dependencies": {}, // Production dependencies
"devDependencies": {}, // Development dependencies
"peerDependencies": {}, // Peer dependencies
"optionalDependencies": {} // Optional dependencies
}
Correctly distinguishing these dependency types can help optimize project structure and the installation process.
Installation Speed Optimization
For large projects, dependency installation can be slow. Consider the following optimization methods:
- Use a domestic mirror source.
- Use yarn instead of npm.
- Use pnpm (saves disk space).
# Set the Taobao mirror
npm config set registry https://registry.npmmirror.com
# Use yarn
yarn add react
# Use pnpm
pnpm add react
Dependency Security Audits
Regularly checking the security of project dependencies is important:
npm audit
This command checks all installed packages for known security vulnerabilities.
本站部分内容来自互联网,一切版权均归源网站或源作者所有。
如果侵犯了你的权益请来信告知我们删除。邮箱:cc@cccx.cn
下一篇:NPM依赖管理
