NPM

This item was not updated in last three versions of the Radar. Should it have appeared in one of the more recent editions, there is a good chance it remains pertinent. However, if the item dates back further, its relevance may have diminished and our current evaluation could vary. Regrettably, our capacity to consistently revisit items from past Radar editions is limited.

Nov 2019

Adopt

npm is one of, if not the most, popular package manager for JavaScript. Because of the big community, you can find nearly every dependency in npm.

Instead of other package managers such as bower, you have to write your packages as modules. This unifies the way you have to use, test and, of course, understand dependencies.

npm creates a tree for your dependencies and their nesting dependencies. Because of this, you don't need to handle version conflicts, since every dependency uses there own version of e.g. webpack.

With shrinkwrap you have a robust tool to lock down and manage the versions of your dependencies - following the Pin (external) dependencies approach.

For each package you have to classify your dependencies:

dependencies are needed for use without the need of pre compiling, e.g. lodash
devDependencies are needed for development only, e.g. testing frameworks or pre compiler e.g. babel
peerDependencies you have to provide for using the package

With scripts you get support for the most common build lifecycle steps, e.g. build, start, test ...

Other useful features:

mirror support for your own repository (e.g. artifactory)
can be used for server and client JavaScript development (see node.js )