Skip to main content

npm Command Cheatsheet

npm is the core package manager for the Node.js ecosystem. This cheatsheet covers the most commonly used npm commands — from package installation to publishing — each with practical examples. Whether you're new to npm or need a quick reference, this guide has you covered.

Updated: 2026-07-16·28 commands

Quick Reference

TaskCommand
Install dependenciesnpm install
CI installationnpm ci
Install a packagenpm install lodash
Install globallynpm install -g typescript
Run a scriptnpm run dev
Update all packagesnpm update
Publish a packagenpm publish
List installed packagesnpm list --depth=0

Installation

``bash # Install project dependencies npm install # From package.json (alias: npm i) npm ci # Strictly from lock file (recommended for CI) npm install --production # Skip devDependencies

# Install specific packages npm install lodash # Add to dependencies npm install -D jest # Add to devDependencies (-D = --save-dev) npm install -g typescript # Install globally npm install lodash@4.17.21 # Specific version npm install lodash@^4.0.0 # Semver range

# Uninstall npm uninstall lodash # Remove from dependencies npm uninstall -g typescript # Uninstall global package

# Cleanup rm -rf node_modules && npm install # Reinstall all (common fix) npm cache clean --force # Clear cache (rarely needed) `

> Tip: rm -rf node_modules && npm install is the first thing to try for mysterious bugs.

Publishing

`bash # Initialize a new project npm init # Interactive package.json creation npm init -y # Quick setup with defaults

# Version management npm version patch # 1.0.0 → 1.0.1 (bug fixes) npm version minor # 1.0.0 → 1.1.0 (backward-compatible features) npm version major # 1.0.0 → 2.0.0 (breaking changes)

# Publish npm publish # Publish to registry (default npmjs.com) npm publish --tag beta # Publish with a dist-tag (for pre-release) npm publish --access public # Required for scoped packages

# Deprecate & unpublish npm deprecate pkg@"

# Authentication npm login # Log in to npm npm whoami # Check current user npm logout # Log out `

> Version convention: major.minor.patch — e.g. 2.1.3. Patch=bug fixes, Minor=new features (backward-compatible), Major=breaking changes.

Configuration

`bash # View config npm config list # Show all config npm config get registry # Current registry URL npm config get prefix # Global install path

# Modify config npm config set registry https://registry.npmmirror.com # Use mirror npm config set registry https://registry.npmjs.org/ # Restore official

# Using .npmrc # Project-level: create .npmrc in project root # User-level: ~/.npmrc # Example: echo "registry=https://registry.npmmirror.com" > .npmrc echo "@mycompany:registry=https://npm.mycompany.com" >> .npmrc # Private packages `

> Tip: Use nrm (npm registry manager) for quick registry switching: npx nrm use taobao.

Scripts

`bash # package.json scripts example: # "scripts": { # "dev": "next dev", # "build": "next build", # "start": "next start", # "test": "jest", # "lint": "eslint ." # }

npm run dev # Run dev script npm run build # Run build script npm start # Run start script (omit 'run') npm test # Run test script (omit 'run') npm run --silent # Quiet mode, less output

# Pass arguments npm run test -- --watch # Pass --watch to the underlying command npm run build -- --mode production

# Lifecycle hooks (auto-executed) # npm run prebuild → npm run build → npm run postbuild `

> Script tip: Running npm run without a script name lists all available scripts. Use npm run dev -- --port 3000 to pass arguments.

Package Management

`bash # Update packages npm update # Update all (within semver range) npm update lodash # Update specific package npm update -g # Update global packages

# Check for outdated npm outdated # View outdated packages # Output: Package Current Wanted Latest Location # lodash 4.17.21 4.17.21 5.0.0 my-app

# Security audit npm audit # Scan vulnerabilities npm audit fix # Auto-fix compatible vulnerabilities npm audit fix --force # Force fix (may cause breaking changes) npm audit --json # JSON output (for CI analysis) `

Inspection

`bash # View installed packages npm list # Tree view (can be very long) npm list --depth=0 # Direct dependencies only npm list -g --depth=0 # Global packages npm list lodash # Check specific package version

# View package info npm view lodash # Full package info from registry npm view lodash versions # All available versions npm view lodash dependencies # Dependency info npm view lodash --json # JSON format

# Search npm search react hook # Search registry npx npm-search "react hooks" # Better search experience

# Environment node -v # Node version npm -v # npm version npx --version # npx version `

Troubleshooting

SymptomCauseFix
ERR! code EACCES permission errorGlobal install path lacks permissionsUse npm config set prefix ~/.npm-global or manage Node with nvm
ERR! code ERESOLVE dependency conflictSemver range conflictsnpm install --legacy-peer-deps or manually adjust versions
npm install is extremely slowOfficial registry network issuesSwitch to mirror: npm config set registry https://registry.npmmirror.com
ERR! code ENOENT file not foundMissing or incomplete package.jsonCheck package.json, run npm init
npm audit shows many vulnerabilitiesOld packages in dependency treenpm audit fix`, watch for breaking change warnings

Install(7)

CommandLevel
npm install
Install all project dependencies
Basic
npm ci
Clean install from lock file (recommended for CI)
Intermediate
npm install <pkg>
Install a package to dependencies
Basic
npm install -D
Install as a dev dependency
Basic
npm install -g
Install a package globally
Intermediate
npm uninstall
Uninstall a package
Basic
npm cache clean --force
Clear npm cache
Intermediate

Publish(6)

CommandLevel
npm init
Create a package.json file
Basic
npm version
Bump package version
Intermediate
npm publish
Publish a package to the npm registry
Intermediate
npm deprecate
Mark a version as deprecated
Expert
npm login
Log in to npm
Basic
npm whoami
Display npm username
Basic

Config(3)

CommandLevel
npm config list
List all npm configuration
Intermediate
npm config set
Set an npm configuration key
Intermediate
npm config get
Get a configuration value
Intermediate

Script(3)

CommandLevel
npm run
Run a script defined in package.json
Basic
npm start
Run the start script
Basic
npm test
Run the test script
Basic

Manage(4)

CommandLevel
npm update
Update all packages (within semver range)
Intermediate
npm outdated
Check for outdated packages
Intermediate
npm audit
Scan dependencies for vulnerabilities
Intermediate
npm audit fix
Auto-fix compatible vulnerabilities
Intermediate

Info(5)

CommandLevel
npm list
List installed packages
Basic
npm view
View package information from registry
Intermediate
npm search
Search the npm registry
Basic
node -v
Check Node.js version
Basic
npm -v
Check npm version
Basic

FAQ

This cheatsheet is compiled from official tool documentation. Last updated: 2026-07-16.