Search⌘ K
AI Features
Home
Courses
Learn Node.js: The Complete Course for Beginners

package.json

Explore the role of package.json in Node.js projects to manage dependencies, metadata, and scripts. Understand common fields like name, version, dependencies, and main. Learn how to install and manage packages using npm commands, and discover the importance of package-lock.json for consistent installations across environments.

We'll cover the following...

What is package.json?

Every published package has a package.json file. This file makes it easy for others to manage and install the package. It gives information to npm that allows it to identify the package as well as handle the package’s dependencies. Node.js is only aware of two fields: name and version. However, other fields, such as dependencies, and main are vital for a package to be used.

Let’s take a look at the content in the package.json of jsonwebtoken, a popular Node.js package that is used for authentication.

Java
{
  "name": "jsonwebtoken",
  "version": "8.5.1",
  "description": "JSON Web Token implementation (symmetric and asymmetric)",
  "main": "index.js",
  "nyc": {
    "check-coverage": true,
    "lines": 95,
    "statements": 95,
    "functions": 100,
    "branches": 95,
    "exclude": [
      "./test/**"
    ],
    "reporter": [
      "json",
      "lcov",
      "text-summary"
    ]
  },
  "scripts": {
    "lint": "eslint .",
    "coverage": "nyc mocha --use_strict",
    "test": "npm run lint && npm run coverage && cost-of-modules"
  },
  "repository": {
    "type": "git",
    "url": "https://github.com/auth0/node-jsonwebtoken"
  },
  "keywords": [
    "jwt"
  ],
  "author": "auth0",
  "license": "MIT",
  "bugs": {
    "url": "https://github.com/auth0/node-jsonwebtoken/issues"
  },
  "dependencies": {
    "jws": "^3.2.2",
    "lodash.includes": "^4.3.0",
    "lodash.isboolean": "^3.0.3",
    "lodash.isinteger": "^4.0.4",
    "lodash.isnumber": "^3.0.3",
    "lodash.isplainobject": "^4.0.6",
    "lodash.isstring": "^4.0.1",
    "lodash.once": "^4.0.0",
    "ms": "^2.1.1",
    "semver": "^5.6.0"
  },
  "devDependencies": {
    "atob": "^2.1.2",
    "chai": "^4.1.2",
    "conventional-changelog": "~1.1.0",
    "cost-of-modules": "^1.0.1",
    "eslint": "^4.19.1",
    "mocha": "^5.2.0",
    "nsp": "^2.6.2",
    "nyc": "^11.9.0",
    "sinon": "^6.0.0"
  },
  "engines": {
    "npm": ">=1.4.28",
    "node": ">=4"
  },
  "files": [
    "lib",
    "decode.js",
    "sign.js",
    "verify.js"
  ]
}

There are several different descriptors in the package.json file, let’s take a look at some of the common ones.

Field Explanation
name The name of the package
version Package version in major.minor.patch
...