在使用Mongoose进行分页搜索时，通常会涉及到两个关键概念：`limit` 和 `skip`。这两个参数可以在MongoDB的查询中使用，以实现分页的效果。`limit` 用于限制查询结果的数量，而 `skip` 用于跳过指定数量的文档。

以下是如何使用Mongoose进行分页的步骤：

1. **确定每页的大小（即limit）：** 这是你想要每页显示的记录数。
2. **计算跳过的文档数（即skip）：** 这是根据当前的页码计算出需要跳过的记录数。例如，如果你每页显示10条记录，那么在第二页你需要跳过的记录数为 `10 * (当前页码 - 1)`。

### 示例代码

这是一个简单的例子，展示了如何使用Mongoose来实现分页搜索：

```javascript
const mongoose = require('mongoose');
const { Schema } = mongoose;

// 假设我们有一个用户模型
const UserSchema = new Schema({
  name: String,
  age: Number,
  // 更多字段...
});

const User = mongoose.model('User', UserSchema);

// 分页函数
async function findUsersWithPagination(page, limit) {
  try {
    // 计算需要跳过的文档数
    const skip = (page - 1) * limit;

    // 获取分页的数据
    const users = await User.find()
      .skip(skip)   // 跳过前面的文档
      .limit(limit) // 限制返回的文档数
      .exec();      // 执行查询

    // 获取总的文档数以计算总页数
    const count = await User.countDocuments();

    return {
      total: count,           // 总文档数
      perPage: limit,         // 每页文档数
      currentPage: page,      // 当前页码
      totalPages: Math.ceil(count / limit), // 总页数
      data: users             // 当前页的数据
    };
  } catch (error) {
    throw error;
  }
}

// 使用分页函数，比如获取第2页的数据，每页5条记录
findUsersWithPagination(2, 5).then(paginatedResults => {
  console.log(paginatedResults);
}).catch(err => {
  console.error(err);
});
```

在这个示例中，`findUsersWithPagination` 函数接收 `page` 和 `limit` 作为参数，然后使用这些参数来调整查询。它先计算需要跳过的记录数，然后应用 `skip` 和 `limit` 方法到查询中。最后，它还计算出总的文档数，以便可以返回有关分页的详细信息。

请注意，在实际的应用程序中，你可能还需要考虑排序问题，以确保文档以一致的顺序返回，这通常可以通过在 `find` 查询中使用 `.sort()` 方法来实现。

此外，如果你正在处理大量的数据，频繁地使用 `skip` 可能会导致性能问题，因为 `skip` 会导致数据库遍历过多的文档。在这种情况下，你可能需要考虑使用游标或者其他分页策略。

I'm am very disappointed by the accepted answers in this question. This will not scale. If you read the fine print on cursor.skip( ):

> The cursor.skip() method is often expensive because it requires the server to walk from the beginning of the collection or index to get the offset or skip position before beginning to return result. As offset (e.g. pageNumber above) increases, cursor.skip() will become slower and more CPU intensive. With larger collections, cursor.skip() may become IO bound.

To achieve pagination in a scaleable way combine a limit( ) along with at least one filter criterion, a createdOn date suits many purposes.

    MyModel.find( { createdOn: { $lte: request.createdOnBefore } } )
    .limit( 10 )
    .sort( '-createdOn' )

After taking a closer look at the Mongoose API with the information provided by Rodolphe, I figured out this solution:

    MyModel.find(query, fields, { skip: 10, limit: 5 }, function(err, results) { ... });

Pagination using mongoose, express and jade - [Here's a link to my blog with more detail](http://madhums.me/2012/08/20/pagination-using-mongoose-express-and-jade/)

    var perPage = 10
      , page = Math.max(0, req.params.page)
    
    Event.find()
        .select('name')
        .limit(perPage)
        .skip(perPage * page)
        .sort({
            name: 'asc'
        })
        .exec(function(err, events) {
            Event.count().exec(function(err, count) {
                res.render('events', {
                    events: events,
                    page: page,
                    pages: count / perPage
                })
            })
        })

You can chain just like that:

    var query = Model.find().sort('mykey', 1).skip(2).limit(5)
    

Execute the query using `exec`

    query.exec(callback);

In this case, you can add the query `page` and/ or `limit` to your URL as a query string.

For example:  
`?page=0&limit=25 // this would be added onto your URL: http:localhost:5000?page=0&limit=25`

Since it would be a `String` we need to convert it to a `Number` for our calculations. Let's do it using the `parseInt` method and let's also provide some default values.

    const pageOptions = {
        page: parseInt(req.query.page, 10) || 0,
        limit: parseInt(req.query.limit, 10) || 10
    }
    
    sexyModel.find()
        .skip(pageOptions.page * pageOptions.limit)
        .limit(pageOptions.limit)
        .exec(function (err, doc) {
            if(err) { res.status(500).json(err); return; };
            res.status(200).json(doc);
        });
    

**BTW** Pagination starts with `0`

Mongoose 如何进行分页搜索？

在Mongoose中，排序可以通过在查询后使用 `.sort()` 方法来实现。该方法接受一个参数，该参数可以是字符串或对象，用于指定根据哪些字段进行排序以及排序的方向（升序或降序）。在MongoDB中，升序使用 `1` 表示，而降序使用 `-1` 表示。

以下是如何使用 `.sort()` 方法的一些例子：

### 使用字符串进行排序

如果您只需要根据一个字段进行排序，可以直接传递一个字段名，前面带有 `-` 表示降序，不带任何符号表示升序。

```javascript
// 升序排序
MyModel.find().sort('field').exec((err, docs) => {
  // 处理结果或错误
});

// 降序排序
MyModel.find().sort('-field').exec((err, docs) => {
  // 处理结果或错误
});
```

### 使用对象进行排序

如果您要根据多个字段进行排序，可以传递一个对象，键是字段名，值是 `1` 或 `-1` 来分别表示升序或降序。

```javascript
// 根据多个字段进行排序
MyModel.find().sort({ field1: 1, field2: -1 }).exec((err, docs) => {
  // 处理结果或错误
});
```

### 示例

假设您有一个用户模型 `User`，并且您想根据年龄进行升序排序，然后根据用户名进行降序排序，您可以这样做：

```javascript
User.find().sort({ age: 1, username: -1 }).exec((err, users) => {
  if (err) {
    console.error(err);
  } else {
    console.log(users); // 这将输出根据年龄升序、用户名降序排序的用户数组
  }
});
```

通过这种方式，您可以轻松地根据一个或多个字段对查询结果进行排序，这在处理大量数据时尤其有用，可以帮助您更快地定位到感兴趣的记录。

In Mongoose, a sort can be done in any of the following ways:

        Post.find({}).sort('test').exec(function(err, docs) { ... });
        Post.find({}).sort([['date', -1]]).exec(function(err, docs) { ... });
        Post.find({}).sort({test: 1}).exec(function(err, docs) { ... });
        Post.find({}, null, {sort: {date: 1}}, function(err, docs) { ... });

This is how I got sort to work in mongoose 2.3.0 :)

    // Find First 10 News Items
    News.find({
        deal_id:deal._id // Search Filters
    },
    ['type','date_added'], // Columns to Return
    {
        skip:0, // Starting Row
        limit:10, // Ending Row
        sort:{
            date_added: -1 //Sort by Date Added DESC
        }
    },
    function(err,allNews){
        socket.emit('news-load', allNews); // Do something with the array of 10 objects
    })

As of Mongoose 3.8.x:

    model.find({ ... }).sort({ field : criteria}).exec(function(err, model){ ... });
    

**Where:**

`criteria` can be `asc`, `desc`, `ascending`, `descending`, `1`, or `-1`

**Note: Use quotation marks or double quote**

use `"asc"`, `"desc"`, `"ascending"`, `"descending"`, `1`, or `-1`

UPDATE:

    Post.find().sort({'updatedAt': -1}).all((posts) => {
      // do something with the array of posts
    });
    

* * *

Try:

    Post.find().sort([['updatedAt', 'descending']]).all((posts) => {
      // do something with the array of posts
    });

**Mongoose v5.x.x**

sort by ascending order

    Post.find({}).sort('field').exec(function(err, docs) { ... });
    Post.find({}).sort({ field: 'asc' }).exec(function(err, docs) { ... });
    Post.find({}).sort({ field: 'ascending' }).exec(function(err, docs) { ... });
    Post.find({}).sort({ field: 1 }).exec(function(err, docs) { ... });
    
    Post.find({}, null, {sort: { field : 'asc' }}), function(err, docs) { ... });
    Post.find({}, null, {sort: { field : 'ascending' }}), function(err, docs) { ... });
    Post.find({}, null, {sort: { field : 1 }}), function(err, docs) { ... });
    

sort by descending order

    Post.find({}).sort('-field').exec(function(err, docs) { ... });
    Post.find({}).sort({ field: 'desc' }).exec(function(err, docs) { ... });
    Post.find({}).sort({ field: 'descending' }).exec(function(err, docs) { ... });
    Post.find({}).sort({ field: -1 }).exec(function(err, docs) { ... });
    
    
    Post.find({}, null, {sort: { field : 'desc' }}), function(err, docs) { ... });
    Post.find({}, null, {sort: { field : 'descending' }}), function(err, docs) { ... });
    Post.find({}, null, {sort: { field : -1 }}), function(err, docs) { ... });
    

For Details: [https://mongoosejs.com/docs/api.html#query\_Query-sort](https://mongoosejs.com/docs/api.html#query_Query-sort)

Mongoose 中搜索时如何进行排序？

要从全局维度完全删除 Node.js，通常需要执行几个步骤，具体步骤会根据您使用的操作系统有所不同。以下是在不同操作系统上卸载 Node.js 的一般指导：

### 在 macOS 上：

1. 如果你是通过 Homebrew 安装的 Node.js，你可以使用以下命令来卸载：
   ```sh
   brew uninstall node
   ```
   
2. 如果是通过包安装器安装，你可以删除 Node.js 的安装目录。通常情况下，Node.js 安装在 `/usr/local/bin/node`，npm 安装在 `/usr/local/bin/npm`。可以使用以下命令删除：
   ```sh
   sudo rm -rf /usr/local/{bin/{node,npm},lib/node_modules/npm,include/node,share/man/man1/node.*}
   ```

3. 然后，清除系统中任何残留的缓存文件或本地配置：
   ```sh
   sudo rm -rf ~/.npm
   sudo rm -rf ~/.node-gyp
   sudo rm -rf /opt/local/bin/node
   sudo rm -rf /opt/local/include/node
   sudo rm -rf /opt/local/lib/node_modules
   ```

4. 您还可以通过查找 ‘node’ 或 ‘npm’ 相关的任何文件来确保所有内容都已删除：
   ```sh
   sudo find / -name node
   sudo find / -name npm
   ```

### 在 Windows 上：

1. 打开 `控制面板` > `程序` > `程序和功能`，然后从列表中选择 Node.js，点击 `卸载`。

2. 删除 Node.js 的安装目录，通常是 `C:\Program Files\nodejs`。

3. 清除系统路径中的 Node.js 相关条目。可以通过编辑环境变量来做到这一点。

4. 清除 npm 缓存：
   ```sh
   npm cache clean --force
   ```

5. 删除用户目录下的 npm 相关文件和目录，例如：
   ```sh
   del /s /q %userprofile%\AppData\Roaming\npm
   del /s /q %userprofile%\AppData\Roaming\npm-cache
   ```

6. 使用文件资源管理器或命令行搜索并删除任何遗留的 Node.js 文件。

### 在 Linux 上：

1. 如果你使用的是像 apt、yum 或 dnf 这样的包管理器，可以使用相应的卸载命令。例如，在基于 Debian 的系统上，可以使用：
   ```sh
   sudo apt-get remove --purge nodejs npm
   ```

2. 删除 Node.js 的安装目录和配置文件：
   ```sh
   sudo rm -rf /usr/local/bin/node
   sudo rm -rf /usr/local/bin/npm
   sudo rm -rf /usr/local/lib/node_modules
   sudo rm -rf /usr/local/include/node
   sudo rm -rf /usr/local/share/man/man1/node.*
   ```

3. 清除 npm 的缓存和本地配置：
   ```sh
   sudo rm -rf ~/.npm
   sudo rm -rf ~/.node-gyp
   ```

4. 查找并删除系统中剩余的 Node.js 文件：
   ```sh
   sudo find / -name node
   sudo find / -name npm
   ```

在执行以上操作后，Node.js 应该已经从您的系统中完全删除。记得在执行某些命令时，特别是那些包含 `rm -rf` 的命令时，要非常小心，因为这些命令可以删除大量文件，而且不可撤销。如果你不确定某个文件或目录是否应该删除，请先进行检查。

Windows 系统如何完整的删除 nodejs？

在Mongoose中，更新文档（通常在 MongoDB 中称为记录）可以通过几种不同的方法来实现。如果你提到的 "upstart" 文档是指需要更新的文档，那么我将展示几种在 Mongoose 中更新文档的常用方法，并提供示例。

### 使用 `save()` 方法更新文档

如果你已经查询到了一个 Mongoose 文档实例，你可以直接修改它的属性，然后调用 `.save()` 方法来更新它。

```javascript
const mongoose = require('mongoose');
const { Schema } = mongoose;

const UserSchema = new Schema({ name: String, age: Number });
const User = mongoose.model('User', UserSchema);

async function updateUser(userId) {
  try {
    // 查询文档
    const user = await User.findById(userId);
    if (user) {
      // 修改文档的属性
      user.name = '新的名字';
      user.age = 30;

      // 保存文档
      await user.save();
      console.log('Document updated successfully');
    } else {
      console.log('Document not found');
    }
  } catch (error) {
    console.error('Error updating document:', error);
  }
}
```

### 使用 `updateOne()` 或 `updateMany()` 方法

如果你不需要先检索整个文档，你可以直接使用 `updateOne()` 或 `updateMany()` 方法来更新一个或多个文档。

```javascript
async function updateUserName(userId, newName) {
  try {
    // 更新单个文档
    const result = await User.updateOne({ _id: userId }, { $set: { name: newName } });
    if (result.matchedCount === 1) {
      console.log('Document updated successfully');
    } else {
      console.log('No documents matched the query. Document not updated');
    }
  } catch (error) {
    console.error('Error updating document:', error);
  }
}
```

### 使用 `findOneAndUpdate()` 方法

如果你想在更新文档的同时检索更新后的文档，你可以使用 `findOneAndUpdate()` 方法。

```javascript
async function findAndUpdateUser(userId, newName) {
  try {
    const options = { new: true }; // 返回更新后的文档
    const updatedUser = await User.findOneAndUpdate({ _id: userId }, { $set: { name: newName } }, options);
    if (updatedUser) {
      console.log('Document updated and retrieved successfully:', updatedUser);
    } else {
      console.log('Document not found');
    }
  } catch (error) {
    console.error('Error finding and updating document:', error);
  }
}
```

在这些示例中，我们使用了 MongoDB 的更新操作符 `$set` 来指定我们希望更新的字段。同时还可以使用其他更新操作符来执行更复杂的更新操作。根据你的需求，你可以选择最适合你的更新策略。

注意：确保在执行更新操作时遵循最佳实践，比如验证输入、处理错误等。

Mongoose now supports this natively with [findOneAndUpdate](https://mongoosejs.com/docs/api.html#model_Model-findOneAndUpdate) (calls MongoDB [findAndModify](https://www.mongodb.com/docs/manual/reference/method/db.collection.findAndModify/)).

The upsert = true option creates the object if it doesn't exist. _defaults to false_.

    var query = {'username': req.user.username};
    req.newData.username = req.user.username;
    
    MyModel.findOneAndUpdate(query, req.newData, {upsert: true}, function(err, doc) {
        if (err) return res.send(500, {error: err});
        return res.send('Succesfully saved.');
    });
    

* * *

In older versions Mongoose does not support these hooks with this method:

*   defaults
*   setters
*   validators
*   middleware

I just burned a solid 3 hours trying to solve the same problem. Specifically, I wanted to "replace" the entire document if it exists, or insert it otherwise. Here's the solution:

    var contact = new Contact({
      phone: request.phone,
      status: request.status
    });
    
    // Convert the Model instance to a simple object using Model's 'toObject' function
    // to prevent weirdness like infinite looping...
    var upsertData = contact.toObject();
    
    // Delete the _id property, otherwise Mongo will return a "Mod on _id not allowed" error
    delete upsertData._id;
    
    // Do the upsert, which works like this: If no Contact document exists with 
    // _id = contact.id, then create a new doc using upsertData.
    // Otherwise, update the existing doc with upsertData
    Contact.update({_id: contact.id}, upsertData, {upsert: true}, function(err{...});
    

I created [an issue on the Mongoose project page](https://github.com/LearnBoost/mongoose/issues/571) requesting that info about this be added to the docs.

You were close with

    Contact.update({phone:request.phone}, contact, {upsert: true}, function(err){...})
    

but your second parameter should be an object with a modification operator for example

    Contact.update({phone:request.phone}, {$set: { phone: request.phone }}, {upsert: true}, function(err){...})

Well, I waited long enough and no answer. Finally gave up the whole update/upsert approach and went with:

    ContactSchema.findOne({phone: request.phone}, function(err, contact) {
        if(!err) {
            if(!contact) {
                contact = new ContactSchema();
                contact.phone = request.phone;
            }
            contact.status = request.status;
            contact.save(function(err) {
                if(!err) {
                    console.log("contact " + contact.phone + " created at " + contact.createdAt + " updated at " + contact.updatedAt);
                }
                else {
                    console.log("Error: could not save contact " + contact.phone);
                }
            });
        }
    });
    

Does it work? Yep. Am I happy with this? Probably not. 2 DB calls instead of one.  
Hopefully a future Mongoose implementation would come up with a `Model.upsert` function.

I'm the maintainer of Mongoose. The more modern way to upsert a doc is to use the [`Model.updateOne()` function](https://mongoosejs.com/docs/api/model.html#model_Model.updateOne).

    await Contact.updateOne({
        phone: request.phone
    }, { status: request.status }, { upsert: true });
    

If you need the upserted doc, you can use [`Model.findOneAndUpdate()`](https://mongoosejs.com/docs/tutorials/findoneandupdate.html)

    const doc = await Contact.findOneAndUpdate({
        phone: request.phone
    }, { status: request.status }, { upsert: true, useFindAndModify: false });
    

The key takeaway is that you need to put the unique properties in the `filter` parameter to `updateOne()` or `findOneAndUpdate()`, and the other properties in the `update` parameter.

Here's a tutorial on [upserting documents with Mongoose](https://masteringjs.io/tutorials/mongoose/upsert).

Mongoose 如何更新一条数据/文档？

要清除 `node_modules` 文件夹中没有在 `package.json` 中定义的包，可以使用几种方法。以下是解决这个问题的两种常见方式：

### 使用 `npm prune` 命令

`npm` 提供了一个内置的命令 `prune`，它用于移除 `node_modules` 目录中未在 `package.json` 文件的 `dependencies` 或 `devDependencies` 中声明的包。要使用 `npm prune`，您只需要在项目的根目录下打开终端，并执行以下命令：

```bash
npm prune
```

这条命令会根据当前 `package.json` 文件中定义的依赖项，删除所有不匹配的包。

### 手动清理和重新安装

如果想确保 `node_modules` 文件夹完全反映 `package.json` 文件中指定的依赖关系，您可以先手动删除 `node_modules` 文件夹，然后运行 `npm install` 重新安装所有依赖。以下是这个方法的步骤：

1. 删除 `node_modules` 文件夹：

   ```bash
   rm -rf node_modules
   ```
2. 清理 `npm` 缓存(可选)：

   ```bash
   npm cache clean --force
   ```
3. 使用 `npm install` 重新安装依赖：

   ```bash
   npm install
   ```

这将创建一个新的 `node_modules` 文件夹，其中仅包含 `package.json` 文件中声明的依赖包。

### 实际例子

假设我之前为了测试某些功能，临时安装了一个名为 `example-package` 的包，但后来发现它并不适合我的项目需求，所以我没有将它加入到 `package.json` 中。现在我的 `node_modules` 文件夹里有很多这样的包，我想清理它们。我会这样做：

1. 打开终端并导航到我的项目目录。
2. 运行 `npm prune` 命令。
3. `npm` 会检查 `package.json` 并自动移除所有未列出的包，包括 `example-package`。

这样，`node_modules` 文件夹就只包含了真正需要的依赖，我的项目也就更加整洁、更容易维护。


I think you're looking for `npm prune`

> `npm prune [<name> [<name ...]]`
> 
> This command removes "extraneous" packages. If a package name is provided, then only packages matching one of the supplied names are removed.
> 
> Extraneous packages are packages that are not listed on the parent package's dependencies list.

See the docs: [https://docs.npmjs.com/cli/prune](https://docs.npmjs.com/cli/prune)

You could remove your node\_modules/ folder and then reinstall the dependencies from package.json.

    rm -rf node_modules/
    npm install
    

This would erase all installed packages in the current folder and only install the dependencies from package.json. If the dependencies have been previously installed npm will try to use the cached version, avoiding downloading the dependency a second time.

> Due to its folder nesting Windows can’t delete the folder as its name is too long. To solve this, install RimRaf:

    npm install rimraf -g
    
    rimraf node_modules

From version 6.5.0 `npm` supports the command `clean-install` (`ci`) to hard refresh all the packages.

Please, see the references:

*   `npm` 6.x: [npm-ci | npm Docs](https://docs.npmjs.com/cli/v6/commands/npm-ci).
*   `npm` 7.x: [npm-ci | npm Docs](https://docs.npmjs.com/cli/v7/commands/npm-ci).
*   [npm Blog Archive: Introducing `npm ci` for faster, more reliable builds](https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable).

simple just run

    rm -r node_modules
    

in fact, you can delete any folder with this.

like **rm -r AnyFolderWhichIsNotDeletableFromShiftDeleteOrDelete**.

just open the **gitbash** move to root of the folder and run this command

Hope this will help.

如何清理 node_modules 文件夹中没有在 package.json 中安装的依赖包？

要更新全局安装的npm工具，您可以执行以下步骤：

1. **打开终端或命令提示符**: 这是您将输入命令的地方。

2. **检查是否有更新的工具**: 使用如下命令可以查看全局安装的npm包：
   ```
   npm outdated -g --depth=0
   ```
   这将列出所有已经过时的全局npm包和它们的当前版本、需要更新的版本以及最新版本。

3. **更新特定的npm工具**: 如果您只想更新一个特定的工具，可以使用命令：
   ```
   npm update <工具名> -g
   ```
   其中`<工具名>`是您想要更新的工具的名称。

4. **一次性更新所有全局工具**: 如果您想要更新所有过时的工具，您可以使用命令：
   ```
   npm update -g
   ```
   这会更新所有全局安装的且有新版本可用的npm工具。

5. **强制更新**: 如果因为某些原因`npm update`命令没有更新到最新版本，您可以通过先卸载再安装的方式强制更新。例如：
   ```
   npm uninstall -g <工具名>
   npm install -g <工具名>@latest
   ```
   这样会确保您安装的是该工具的最新版本。

6. **确认更新**: 更新完成后，您可以确认工具是否更新到了最新版本：
   ```
   npm list -g <工具名>
   ```
   或者，如果您想查看所有全局安装的工具及其版本，可以运行：
   ```
   npm list -g --depth=0
   ```

### 示例

假设我们想更新全局安装的`create-react-app`工具。以下是更新流程的步骤：

1. 打开您的命令行工具。

2. 检查是否有可用的更新：
   ```
   npm outdated -g --depth=0
   ```
   这可能会告诉您`create-react-app`的当前版本和最新版本。

3. 更新`create-react-app`到最新版本：
   ```
   npm update create-react-app -g
   ```

4. 确认更新：
   ```
   npm list -g create-react-app
   ```

以上步骤将帮助您保持全局npm工具的最新状态。

Note: The question is specifically asking how to upgrade npm, not Node.js. If you want to update Node.js over a CLI on windows, I recommend running `winget upgrade -q NodeJS` or use [chocolatey](https://community.chocolatey.org/packages/nodejs-lts) for that.

What method should I choose to update NPM?
------------------------------------------

*   Node.js v16 or higher?
    *   `npm install -g npm`
*   Node.js v14 or below?
    *   Consider updating to latest LTS release of Node.js
    *   `npm-windows-upgrade`

### [Upgrade with npm-windows-upgrade](https://github.com/felixrieseberg/npm-windows-upgrade)

Run PowerShell as Administrator

    Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
    npm install -g npm-windows-upgrade
    npm-windows-upgrade
    

Note: if you run the Node.js installer, it will replace the Node.js version.

*   Upgrades npm in-place, where Node.js installed it.
*   Does not modify the default path.
*   Does not change the default global package location.
*   Allows easy upgrades and downgrades and to install a specific version.
*   A list of versions matched between NPM and Node.js ([https://nodejs.org/en/download/releases/](https://nodejs.org/en/download/releases/)) - but you will need to download the _Node.js installer_ and run that to update Node.js ([https://nodejs.org/en/](https://nodejs.org/en/))

### Upgrade with npm

    npm install -g npm
    

Note: some users still report issues updating npm with npm, but I haven't had that experience with v16+.

[Download](https://nodejs.org/en/download) and run the latest MSI. The MSI will update your installed node and npm.

To update NPM, this worked for me:

*   Navigate in your shell to your node installation directory, eg `C:\Program Files (x86)\nodejs`
*   run `npm install npm` (no `-g` option)

Like some people, I _needed_ to combine multiple answers, and I also needed to set a proxy.

This _should_ work for anyone. I have zero desire to run an EXE file or MSI file .. uninstall/ reinstall, or manually delete files and folders. That is so 1999 :P

1.  Run this to update NPM:
    
    Run PowerShell as **administrator**
    
        npm i -g npm    // This works
        
    
    I am _not_ thinking this code actually upgrades your npm version below
    
        Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
        npm install -g npm-windows-upgrade
        npm-windows-upgrade
        
        (courtesy of "Robert" answer)
        
    

**Run this to update Node.js:**

    wget https://nodejs.org/download/release/latest/win-x64/node.exe -OutFile 'C:\Program Files (x86)\nodejs\node.exe'    (courtesy of BrunoLM answer)
    

If you get \`wget : Could not find a part of the path .... "\*\*, see below ...scroll down. Reading Web Response... It's at least punching through the firewall /proxy (if you have one or have already ran the code get through ...

**_Otherwise_**

**You might need to set your proxy**

    npm config set proxy "http://proxy.yourcorp.com:811"    (yes, use quotes)
    

**2 possible errors**

1.  It cannot find path of the path solution **"where.exe node"** (courtesy of Lonnie Best Answer)
    
    E.g. if Node.js is NOT living in "Program Files (x86)" perhaps with where.exe, it is living in 'C:\\Program Files\\nodejs\\node.exe'.
    
        wget https://nodejs.org/download/release/latest/win-x64/node.exe -OutFile 'C:\Program Files\nodejs\node.exe'
        
    
2.  Now perhaps it tries to upgrade but you get _another_ error, _"node.exe is being used by another process."_
    
    *   Close /shutdown other consoles .. command prompts and PowerShell windows, etc. Even if you're using npm in a command prompt, close it.

npm -v (3.10.8)

node -v ( v6.6.0)

**DONE. I'm at the version that I _want_.**

You can update your npm to the latest stable version with the following command:

     npm install npm@latest -g
    

Use PowerShell to run it. This command doesn't need windows administrator privileges and you can verify the result with `npm -v`

如何在 Windows 系统上更新 npm ？

当然，`nvm`（Node Version Manager）是一个用于管理和切换不同Node.js版本的工具。它也允许用户为不同的Node.js版本安装与之兼容的`npm`版本。以下是如何使用`nvm`来更改`npm`版本的步骤：

1. **安装 nvm：**
   首先，您需要确保已经安装了`nvm`。可以通过运行以下命令在Linux或macOS上安装`nvm`：

   ```sh
   curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
   ```

   或者，如果您使用的是Windows，则可以使用`nvm-windows`：

   ```sh
   nvm install-latest-npm
   ```

2. **列出可用的 Node.js 版本：**
   安装好`nvm`后，您可以查看所有可用的Node.js版本：

   ```sh
   nvm ls-remote
   ```

3. **安装 Node.js：**
   使用`nvm`安装一个特定版本的Node.js。`npm`会与该版本捆绑安装：

   ```sh
   nvm install 14.17.0
   ```

   这将安装Node.js 14.17.0版本和与之兼容的`npm`版本。

4. **切换 Node.js 版本：**
   安装多个版本的Node.js后，可以使用以下命令在它们之间切换：

   ```sh
   nvm use 14.17.0
   ```

   这将切换到Node.js 14.17.0版本和相应的`npm`版本。

5. **升级 npm：**
   如果你想要为当前使用的Node.js版本升级`npm`，可以运行：

   ```sh
   npm install -g npm@latest
   ```

   这将为当前选中的Node.js版本安装最新版本的`npm`。

6. **查看 npm 版本：**
   可以通过运行以下命令来验证`npm`的版本：

   ```sh
   npm --version
   ```

7. **为特定的 Node.js 版本安装特定的 npm 版本：**
   如果需要为特定的Node.js版本安装一个特定版本的`npm`，可以先切换到该Node.js版本，然后指定`npm`版本进行安装：

   ```sh
   nvm use 14.17.0
   npm install -g npm@6.14.13
   ```

   这样，您就可以为Node.js 14.17.0安装npm 6.14.13版本。

以上就是使用`nvm`管理和更改`npm`版本的基本步骤。这使得在不同的项目之间切换开发环境变得非常简单，因为每个项目可能需要不同的Node.js和`npm`版本。

As noted in [another answer](https://stackoverflow.com/a/47519162/56817), there is now a command for this:

> nvm now has a command to update npm. It's `nvm install-latest-npm` or `nvm install --latest-npm`.

`nvm install-latest-npm`: Attempt to upgrade to the latest working `npm` on the current Node.js version.

`nvm install --latest-npm`: After installing, attempt to upgrade to the latest working npm on the given Node.js version.

Below are previous revisions of the correct answer to this question.

For later versions of npm it is much simpler now. Just update the version that nvm installed, which lives in `~/.nvm/versions/node/[your-version]/lib/node_modules/npm`.

I installed Node.js 4.2.2, which comes with npm 2.14.7, but I want to use npm 3. So I did:

    cd ~/.nvm/versions/node/v4.2.2/lib
    npm install npm
    

Easy!

And yes, this should work for any module, not just npm, that you want to be "global" for a specific version of node.

* * *

In a newer version, `npm -g` is smart and installs modules into the path above instead of the system global path.

Use

    npm install npm@x.x.x -g
    npm install npm@5.4.0 -g

nvm doesn't handle npm.

So if you want to install Node.js 0.4.x (which many packages still depend on) and use NPM, you can still use npm 1.0.x.

Install Node.js 0.6.x (which comes with npm 1.1.x) and install nvm with npm:

    npm install nvm
    . ~/nvm/nvm.sh
    

Install Node.js 0.4.x with nvm:

    nvm install v0.4.12
    nvm use v0.4.12
    

Install npm using _install.sh_ (note the `-L` parameter to follow any redirects):

    curl -L https://npmjs.org/install.sh | sh
    

This will detect Node.js 0.4.12 and install npm 1.0.106 in your _~/nvm/v0.4.12/lib/node\_modules_ folder and create a symbolic link for nvm:

    ~/nvm/v0.4.12/bin/npm -> ../lib/node_modules/npm/bin/npm-cli.js
    

If you try to run npm, it will still give an error, but if you do `nvm use v0.4.12` again, it should now work.

nvm now has a command to update npm. It's `nvm install-latest-npm` or `npm install --latest-npm`.

I'm on Windows and I couldn't get any of this stuff to work. I kept getting errors about files being in the way. This worked though:

    cd %APPDATA%\nvm\v8.10.0           # or whatever version you're using
    mv npm npm-old
    mv npm.cmd npm-old.cmd
    cd node_modules\
    mv npm npm-old
    cd npm-old\bin
    node npm-cli.js i -g npm@latest
    
    cd %APPDATA%\nvm\v8.10.0 # or whatever version you're using
    rm npm-old
    rm npm-old.cmd
    cd node_modules\
    rm -rf npm-old
    

And boom, I'm back in business.

`nvm`（Node Version Manager）是一个用于管理和切换不同Node.js版本的工具。它也允许用户为不同的Node.js版本安装与之兼容的 `npm`版本。以下是如何使用 `nvm`来更改 `npm`版本的步骤： 

1. **安装 nvm：**
   首先，您需要确保已经安装了 `nvm`。可以通过运行以下命令在Linux或macOS上安装 `nvm`：

   ```sh
   curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
   ```

   或者，如果您使用的是Windows，则可以使用 `nvm-windows`：

   ```sh
   nvm install-latest-npm
   ```
2. **列出可用的 Node.js 版本：**
   安装好 `nvm`后，您可以查看所有可用的Node.js版本：

   ```sh
   nvm ls-remote
   ```
3. **安装 Node.js：**
   使用 `nvm`安装一个特定版本的Node.js。`npm`会与该版本捆绑安装：

   ```sh
   nvm install 14.17.0
   ```

   这将安装Node.js 14.17.0版本和与之兼容的 `npm`版本。
4. **切换 Node.js 版本：**
   安装多个版本的Node.js后，可以使用以下命令在它们之间切换：

   ```sh
   nvm use 14.17.0
   ```

   这将切换到Node.js 14.17.0版本和相应的 `npm`版本。
5. **升级 npm：**
   如果你想要为当前使用的Node.js版本升级 `npm`，可以运行：

   ```sh
   npm install -g npm@latest
   ```

   这将为当前选中的Node.js版本安装最新版本的 `npm`。
6. **查看 npm 版本：**
   可以通过运行以下命令来验证 `npm`的版本：

   ```sh
   npm --version
   ```
7. **为特定的 Node.js 版本安装特定的 npm 版本：**
   如果需要为特定的Node.js版本安装一个特定版本的 `npm`，可以先切换到该Node.js版本，然后指定 `npm`版本进行安装：

   ```sh
   nvm use 14.17.0
   npm install -g npm@6.14.13
   ```

   这样，您就可以为Node.js 14.17.0安装npm 6.14.13版本。

以上就是使用 `nvm`管理和更改 `npm`版本的基本步骤。这使得在不同的项目之间切换开发环境变得非常简单，因为每个项目可能需要不同的Node.js和 `npm`版本。

如何使用 nvm 更改 npm 的版本？

`npm install`和`npm ci`是Node.js生态系统中常用的两个命令，它们都用于安装依赖项，但是它们的工作方式和用途略有不同：

1. **npm install**:
   - **用途**：`npm install`是最常用的命令之一，用于安装依赖项。它根据`package.json`文件中列出的依赖项来安装模块，并且可以更新`package-lock.json`文件。
   - **行为**：`npm install`会根据`package.json`或`npm-shrinkwrap.json`中定义的依赖版本范围来查找并安装最新版本的依赖。如果`package-lock.json`存在，它也会考虑这个文件，但是它允许根据`package.json`中指定的语义版本控制规则更新依赖项。
   - **例子**：如果你的`package.json`文件指定了某个包的版本为`^1.0.0`，这意味着运行`npm install`时可以安装这个包的任何`1.x.x`版本，只要这个版本是最新的并且满足`package.json`中的约束。

2. **npm ci**:
   - **用途**：`npm ci`（ci代表Continous Integration持续集成）主要用在自动化环境中，比如测试平台、持续集成和部署流程。这个命令需要在存在`package-lock.json`或`npm-shrinkwrap.json`文件的情况下运行。
   - **行为**：`npm ci`会忽略`package.json`中的依赖项版本，而是严格根据`package-lock.json`或`npm-shrinkwrap.json`文件来安装依赖项的特定版本。这确保了在不同环境和开发人员之间的一致性。
   - **速度**：`npm ci`通常比`npm install`更快，因为它跳过了某些面向用户的功能，如更新`package-lock.json`文件或安装新版本的包。
   - **例子**：如果你将项目的代码库和`package-lock.json`文件一起部署到持续集成服务器上，运行`npm ci`将确保服务器上安装的依赖项与你在本地开发环境中使用的完全相同。

总之，如果你希望在本地开发环境中安装或更新依赖项，通常会使用`npm install`。而如果你在自动化环境中，需要一个可重复的、确定的依赖项安装过程，就会使用`npm ci`。

From [the official documentation for npm ci](https://docs.npmjs.com/cli/ci):

> In short, the main differences between using npm install and npm ci are:
> 
> *   The project must have an existing package-lock.json or npm-shrinkwrap.json.
> *   If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
> *   npm ci can only install entire projects at a time: individual dependencies cannot be added with this command.
> *   If a node\_modules is already present, it will be automatically removed before npm ci begins its install.
> *   It will never write to package.json or any of the package-locks: installs are essentially frozen.

* * *

Essentially, **`npm install`** reads `package.json` to create a list of dependencies and uses `package-lock.json` to inform which versions of these dependencies to install. **If a dependency is not in `package-lock.json` it will be added by `npm install`**.

**`npm ci`** (also known as **C**lean **I**nstall) is meant to be used in automated environments — such as test platforms, continuous integration, and deployment — or, any situation where you want to make sure you're doing a clean install of your dependencies.

It installs dependencies directly from `package-lock.json` and uses `package.json` only to validate that there are no mismatched versions. **If any dependencies are missing or have incompatible versions, it will throw an error**.

Use `npm install` to add new dependencies, and to update dependencies on a project. Usually, you would use it during development after pulling changes that update the list of dependencies but it may be a good idea to use `npm ci` in this case.

Use `npm ci` if you need a deterministic, repeatable build. For example during continuous integration, automated jobs, etc. and when installing dependencies for the first time, instead of `npm install`.

[`npm install`](https://docs.npmjs.com/cli/install.html)
--------------------------------------------------------

*   Installs a package and all its dependencies.
*   Dependencies are driven by `npm-shrinkwrap.json` and `package-lock.json` (in that order).
*   **without arguments**: installs dependencies of a local module.
*   Can install global packages.
*   Will install any missing dependencies in `node_modules`.
*   It may write to `package.json` or `package-lock.json`.
    *   When used with an argument (`npm i packagename`) it may write to `package.json` to add or update the dependency.
    *   when used without arguments, (`npm i`) it may write to `package-lock.json` to lock down the version of some dependencies if they are not already in this file.

[`npm ci`](https://docs.npmjs.com/cli/ci)
-----------------------------------------

*   Requires at least npm [v5.7.1](https://github.com/npm/npm/releases/tag/v5.7.1).
*   Requires `package-lock.json` or `npm-shrinkwrap.json` to be present.
*   Throws an error if dependencies from these two files don't match `package.json`.
*   Removes `node_modules` and install _all dependencies_ at once.
*   It never writes to `package.json` or `package-lock.json`.

Algorithm
---------

While `npm ci` generates the entire dependency tree from `package-lock.json` or `npm-shrinkwrap.json`, `npm install` _updates the contents of `node_modules`_ using the following algorithm ([source](https://docs.npmjs.com/cli/install#algorithm)):

>     load the existing node_modules tree from disk
>     clone the tree
>     fetch the package.json and assorted metadata and add it to the clone
>     walk the clone and add any missing dependencies
>       dependencies will be added as close to the top as is possible
>       without breaking any other modules
>     compare the original tree with the cloned tree and make a list of
>     actions to take to convert one to the other
>     execute all of the actions, deepest first
>       kinds of actions are install, update, remove and move
>

`npm ci` will delete any existing `node_modules` folder and relies on the `package-lock.json` file to install the specific version of each package. It is significantly faster than npm install because it skips some features. Its clean state install is great for ci/cd pipelines and docker builds! You also use it to install everything all at once and not specific packages.

While everyone else has answered the technical differences none explain in what situations to use both.
-------------------------------------------------------------------------------------------------------

You should use them in different situations.

`npm install` is great for development and in the CI when you want to cache the `node_modules` directory. When to use this? You can do this if you are making a package for other people to use _(you do NOT include `node_modules` in such a release)_. Regarding the caching, be careful, if you plan to support different versions of `Node.js` remember that `node_modules` might have to be reinstalled due to differences between the `Node.js` runtime requirements. If you wish to stick to one version, stick to the latest `LTS`.

`npm ci` should be used when you are to test and release a production application (a final product, not to be used by other packages) since it is important that you have the installation be as deterministic as possible, this install will take longer but will ultimately make your application more reliable _(you do include `node_modules` in such a release)_. Stick with `LTS` version of `Node.js`.

`npm i` and `npm ci` both utilize the npm cache if it exists, this cache lives normally at `~/.npm`.

Also, `npm ci` respects the `package-lock.json` file. Unlike `npm install`, which rewrites the file and always installs new versions.

_Bonus: You could mix them depending on how complex you want to make it. On feature branches in `git` you could cache the `node_modules` to increase your teams productivity and on the merge request and master branches rely on `npm ci` for a deterministic outcome._

*   `npm ci` - install exactly what is listed in package-lock.json
*   `npm install` - without changing any versions in package.json, use package.json to write package-lock.json, then install exactly what is listed in package-lock.json
*   `npm update` - similar to `npm install` but will also install updates for "blurred version" stuff (e.g. `*`, `^1.2.3`)
*   `npx npm-check-updates -u; npm install` - Will try to update absolutely everything to the latest version. Be careful of breaking changes when using this one.

Or said a different way, `npm ci` changes 0 package files, `npm install` and `npm update` change 1 package file (package-lock.json), and `npx npm-check-updates -u; npm install` changes 2 package files (package.json and package-lock.json).

The documentation you linked had the summary:

> In short, the main differences between using npm install and npm ci are:
> 
> *   The project must have an existing package-lock.json or npm-shrinkwrap.json.
> *   If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
> *   npm ci can only install entire projects at a time: individual dependencies cannot be added with this command.
> *   If a node\_modules is already present, it will be automatically removed before npm ci begins its install.
> *   It will never write to package.json or any of the package-locks: installs are essentially frozen.

Npm install 和 npm ci 之间有什么区别？

在`package.json`中，您通常不会直接设置环境变量，因为这个文件主要是用来定义项目的依赖、脚本和配置信息。然而，您可以在`package.json`的`scripts`部分定义脚本命令，在执行这些命令时设置环境变量。

例如，如果您使用的是Unix-like系统（如Linux或MacOS），可以使用`export`命令设置环境变量，然后执行其他命令。如果您在Windows上，则可能需要使用`set`命令，或者使用跨平台的解决方案，比如`cross-env`。

下面是一个如何在`scripts`部分设置环境变量的例子：

```json
{
  "name": "your-package",
  "version": "1.0.0",
  "scripts": {
    "start": "export NODE_ENV=production && node app.js",
    "start:windows": "set NODE_ENV=production && node app.js"
  }
}
```

在上面的例子中，我们在`start`脚本中设置了`NODE_ENV`环境变量为`production`，然后执行了`node app.js`。

使用`cross-env`，您可以写一个跨平台的脚本命令：

```json
{
  "name": "your-package",
  "version": "1.0.0",
  "scripts": {
    "start": "cross-env NODE_ENV=production node app.js"
  },
  "devDependencies": {
    "cross-env": "^7.0.3"
  }
}
```

在这个例子中，不管您在什么操作系统上，`start`脚本都会设置`NODE_ENV`环境变量为`production`，然后运行`node app.js`。注意，您需要先安装`cross-env`作为开发依赖（使用命令`npm install --save-dev cross-env`）。

这种方式是非常灵活的，允许您在不同的环境（开发、测试、生产等）中运行不同的命令。记住，这里设置的环境变量只会在脚本运行时存在，脚本执行完毕后，这些环境变量不会影响到其他的shell进程。

Set the environment variable in the script command:

    ...
    "scripts": {
      "start": "node app.js",
      "test": "NODE_ENV=test mocha --reporter spec"
    },
    ...
    

Then use `process.env.NODE_ENV` in your app.

Note: This is for _Mac & Linux only_. For Windows refer to the comments.

Just use NPM package [cross-env](https://www.npmjs.com/package/cross-env). Super easy. Works on Windows, Linux, and all environments. Notice that you don't use && to move to the next task. You just set the env and then start the next task. Credit to [@mikekidder](https://stackoverflow.com/users/2130585/mikekidder) for the suggestion in [one of the comments](https://stackoverflow.com/questions/25112510/how-to-set-environment-variables-from-within-package-json-node-js#comment57929242_27090755) here.

From documentation:

    {
      "scripts": {
        "build": "cross-env NODE_ENV=production OTHERFLAG=myValue webpack --config build/webpack.config.js"
      }
    }
    

Notice that if you want to set multiple global vars, you just state them in succession, followed by your command to be executed.

Ultimately, the command that is executed (using spawn) is:

    webpack --config build/webpack.config.js
    

The `NODE_ENV` environment variable will be set by cross-env

Because I often find myself working with multiple environment variables, I find it useful to keep them in a separate `.env` file (make sure to ignore this from your source control). Then (in Linux) prepend `export $(cat .env | xargs) &&` in your script command before starting your app.

Example `.env` file:

    VAR_A=Hello World
    VAR_B=format the .env file like this with new vars separated by a line break
    

Example `index.js`:

    console.log('Test', process.env.VAR_A, process.env.VAR_B);
    

Example `package.json`:

    {
      ...
      "scripts": {
        "start": "node index.js",
    
        "env-linux": "export $(cat .env | xargs) && env",
        "start-linux": "export $(cat .env | xargs) && npm start",
    
        "env-windows": "(for /F \"tokens=*\" %i in (.env) do set %i)",
        "start-windows": "(for /F \"tokens=*\" %i in (.env) do set %i) && npm start",
    
      }
      ...
    }
    

Unfortunately I can't seem to set the environment variables by calling a script from a script -- like `"start-windows": "npm run env-windows && npm start"` -- so there is some redundancy in the scripts.

For a test you can see the env variables by running `npm run env-linux` or `npm run env-windows`, and test that they make it into your app by running `npm run start-linux` or `npm run start-windows`.

I just wanted to add my two cents here for future Node-explorers. On my Ubuntu 14.04 the `NODE_ENV=test` didn't work, I had to use `export NODE_ENV=test` after which `NODE_ENV=test` started working too, weird.

On Windows as have been said you have to use `set NODE_ENV=test` but for a cross-platform solution the cross-env library didn't seem to do the trick and do you really need a library to do this:

    export NODE_ENV=test || set NODE_ENV=test&& yadda yadda
    

The vertical bars are needed as otherwise Windows would crash on the unrecognized `export NODE_ENV` command. I don't know about the trailing space, but just to be sure I removed them too.

Try this on Windows by replacing `YOURENV`:

      {
        ...
         "scripts": {
           "help": "set NODE_ENV=YOURENV && tagove help",
           "start": "set NODE_ENV=YOURENV && tagove start"
         }
        ...
      }

如何在 package.json 内设置环境变量？

要列出用户在其本地环境中成功安装的 npm 软件包，您可以执行以下步骤：

1. 打开命令行界面。
2. 使用 `cd` 命令导航到项目的根目录，这样可以确保您查看的是特定项目的依赖项。如果您想查看全局安装的软件包，则可以跳过这一步。
3. 运行以下命令：

   - 查看项目的本地安装的软件包：
     ```sh
     npm list
     ```
   - 查看全局安装的软件包：
     ```sh
     npm list -g --depth=0
     ```
   这个命令会列出全局安装的顶级（也就是说不包括它们的依赖）软件包。`--depth=0` 参数确保只列出顶级包，而不是它们所有的依赖项。

4. 命令执行后，终端会输出一个树形结构，显示所有已安装的软件包及其版本号。

例如，如果您运行 `npm list` 在一个包含 `express` 和 `lodash` 的项目中，输出可能看起来像这样：

```plaintext
project-name@1.0.0 /path/to/project-name
├── express@4.17.1
└── lodash@4.17.20
```

这表明您的项目成功安装了 `express` v4.17.1 和 `lodash` v4.17.20。

还有一些其他的参数可以用来自定义输出内容，例如：

- `--prod` 只显示生产环境的依赖。
- `--dev` 只显示开发环境的依赖。
- `--json` 以 JSON 格式输出结果。

这些命令和参数可以帮助任何使用 npm 的开发者快速查看已安装的软件包信息。

npm list -g --depth=0
    

*   **npm**: the Node.js package manager command line tool
*   **list -g**: display a tree of every package found in the user’s folders (without the `-g` option it only shows the current directory’s packages)
*   **\--depth 0 / --depth=0**: avoid including every package’s dependencies in the tree view

You can get a list of all globally installed modules using:

    ls `npm root -g`

**As of 13 December 2015**

[![npm list illustration](https://i.stack.imgur.com/VQVGv.gif)](https://i.stack.imgur.com/VQVGv.gif)

_While I found the accepted answer 100% correct, and useful, I wished to expand upon it a little based on my own experiences, and hopefully for the benefit of others too. (Here I am using the terms package and module interchangeably)_

In an answer to the question, yes the accepted answer would be:

    npm list -g --depth=0
    

You might wish to check for a particular module installed globally, on Unix-like systems or when [grep](https://en.wikipedia.org/wiki/Grep) is available. This is particularly useful when checking what version of a module you are using (globally installed; just remove the `-g` flag if checking a local module):

    npm list -g --depth=0 | grep <module_name>
    

If you'd like to see all available (remote) versions for a particular module, then do:

    npm view <module_name> versions
    

Note, _versions_ is plural. This will give you the full listing of versions to choose from.

For the latest remote version:

    npm view <module_name> version
    

Note, _version_ is singular.

To find out which packages need to be updated, you can use:

    npm outdated -g --depth=0
    

To update global packages, you can use

    npm update -g <package>
    

To update all global packages, you can use:

    npm update -g
    

(However, for npm versions less than 2.6.1, please also see [this link](https://docs.npmjs.com/getting-started/updating-global-packages) as there is a special script that is recommended for globally updating all packages.)

The above commands should work across NPM versions 1.3.x, 1.4.x, 2.x and 3.x.

List NPM packages with some friendly GUI!
-----------------------------------------

This is what I personally prefer and it may be for others too, it may also help during presentations or meetings.

With `npm-gui` you can list local and global packages with a better visualization.

You can find the package at

*   _[npm-gui](https://www.npmjs.com/package/npm-gui)_ (npm)
*   _[npm-gui](https://github.com/q-nick/npm-gui)_ (GitHub)

Run the following

    // Once
    npm install -g npm-gui
    
    cd c:\your-prject-folder
    npm-gui localhost:9000
    

Then open your browser at `http:\\localhost:9000`

[![npm-gui](https://i.stack.imgur.com/WAd0c.png)](https://i.stack.imgur.com/WAd0c.png)

For project dependencies use:

    npm list --depth=0
    

For global dependencies use:

    npm list -g --depth=0

如何列出npm用户安装的软件包

在默认情况下，运行 `npm install` 不会重新生成整个 `package-lock.json` 文件。`npm install` 主要有两个目的：

1. 在没有 `package-lock.json` 文件时，安装 `package.json` 中定义的依赖并生成一个新的 `package-lock.json` 文件。这个新生成的文件确保了未来的安装能得到相同版本的依赖，使得项目更加稳定可靠。
2. 当已经存在 `package-lock.json` 文件时，`npm install` 会依照这个文件安装确切版本的依赖，以保证所有使用该项目的开发者都有着一致的依赖树。

然而，当你添加新的包或者更新现有包的版本时，例如使用 `npm install <package>` 或 `npm install <package>@<version>`，`npm` 会更新 `package.json` 并相应地调整 `package-lock.json` 来反映新的依赖信息。这种情况下，`package-lock.json` 文件确实会被修改，但不是完全重写，而是更新或添加了相关依赖的条目。

例如，假设我正在开发一个使用 Express.js 的 Node.js 应用，并且我希望安装一个新的依赖，比如 `axios`。我会运行：

```sh
npm install axios
```

此命令会将 `axios` 添加到 `package.json` 文件中，并更新 `package-lock.json` 文件以包含 `axios` 及其所有子依赖的确切版本信息。如果我已经安装了 `axios`，但是我想要升级到一个新版本，我可以指定版本号：

```sh
npm install axios@0.21.1
```

这将会更新 `package.json` 和 `package-lock.json` 文件，以反映我所选择的 `axios` 版本。这样的更新是选择性的，并且仅针对被修改或添加的依赖部分。

如果确实需要重新生成 `package-lock.json` 文件，可以删除已有的 `package-lock.json` 文件和 `node_modules` 目录，然后运行 `npm install`，这样会基于 `package.json` 中的依赖重新创建一个新的 `package-lock.json` 文件及安装所有依赖。但在日常开发中，这通常是不必要的。

**Update 3:** As other answers point out as well, the `npm ci` command got introduced in npm 5.7.0 as additional way to achieve fast and reproducible builds in the CI context. See the [documentation](https://docs.npmjs.com/cli/ci.html) and [npm blog](https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable) for further information.

* * *

**Update 2:** The issue to update and clarify the documentation is [GitHub issue #18103](https://github.com/npm/npm/issues/18103).

* * *

**Update 1:** The behaviour that was described below got fixed in npm 5.4.2: the currently intended behaviour is outlined in [GitHub issue #17979](https://github.com/npm/npm/issues/17979#issuecomment-332701215).

* * *

**Original answer (pre-5.4.2):** The behaviour of `package-lock.json` was changed in [npm 5.1.0](https://github.com/npm/npm/releases/tag/v5.1.0) as discussed in [issue #16866](https://github.com/npm/npm/issues/16866). The behaviour that you observe is apparently intended by npm as of version 5.1.0.

That means that `package.json` can override `package-lock.json` whenever a newer version is found for a dependency in `package.json`. If you want to pin your dependencies effectively, you now must specify the versions without a prefix, e.g., you need to write them as `1.2.0` instead of `~1.2.0` or `^1.2.0`. Then the combination of `package.json` and `package-lock.json` will yield reproducible builds. To be clear: `package-lock.json` alone no longer locks the root level dependencies!

Whether this design decision was good or not is arguable, there is an ongoing discussion resulting from this confusion on GitHub in [issue #17979](https://github.com/npm/npm/issues/17979). (In my eyes it is a questionable decision; at least the name `lock` doesn't hold true any longer.)

One more side note: there is also a restriction for registries that don’t support immutable packages, such as when you pull packages directly from GitHub instead of npmjs.org. See [this documentation of package locks](https://docs.npmjs.com/files/package-locks) for further explanation.

I've found that there will be a new version of npm [5.7.1](https://github.com/npm/npm/releases/tag/v5.7.1) with the new command `npm ci`, that will install from `package-lock.json` only

> The new npm ci command installs from your lock-file ONLY. If your package.json and your lock-file are out of sync then it will report an error.
> 
> It works by throwing away your node\_modules and recreating it from scratch.
> 
> Beyond guaranteeing you that you'll only get what is in your lock-file it's also much faster (2x-10x!) than npm install when you don't start with a node\_modules.
> 
> As you may take from the name, we expect it to be a big boon to continuous integration environments. We also expect that folks who do production deploys from git tags will see major gains.

**Short Answer:**

*   `npm install` honors package-lock.json only if it satisfies the requirements of package.json.
*   If it doesn't satisfy those requirements, packages are updated & package-lock is overwritten.
*   If you want the install to fail instead of overwriting package-lock when this happens, use `npm ci`.

* * *

**Here is a scenario that might explain things (Verified with NPM 6.3.0)**

You declare a dependency in package.json like:

    "depA": "^1.0.0"
    

Then you do, `npm install` which will generate a package-lock.json with:

    "depA": "1.0.0"
    

Few days later, a newer minor version of "depA" is released, say "1.1.0", then the following holds true:

    npm ci       # respects only package-lock.json and installs 1.0.0
    
    npm install  # also, respects the package-lock version and keeps 1.0.0 installed 
                 # (i.e. when package-lock.json exists, it overrules package.json)
    

Next, you manually update your package.json to:

    "depA": "^1.1.0"
    

Then rerun:

    npm ci      # will try to honor package-lock which says 1.0.0
                # but that does not satisfy package.json requirement of "^1.1.0" 
                # so it would throw an error 
    
    npm install # installs "1.1.0" (as required by the updated package.json)
                # also rewrites package-lock.json version to "1.1.0"
                # (i.e. when package.json is modified, it overrules the package-lock.json)

Use the newly introduced

    npm ci
    

> npm ci promises the most benefit to large teams. Giving developers the ability to “sign off” on a package lock promotes more efficient collaboration across large teams, and the ability to install exactly what is in a lockfile has the potential to save tens if not hundreds of developer hours a month, freeing teams up to spend more time building and shipping amazing things.

[Introducing `npm ci` for faster, more reliable builds](https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable)

Use the `npm ci` command instead of `npm install`.

"ci" stands for "clean install".

It will install the project dependencies based on the package-lock.json file instead of the lenient package.json file dependencies.

It will produce identical builds to your team mates and it is also much faster.

You can read more about it in this blog post: [https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable](https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable)

执行 npm install 为什么会重写 package- lock .json 文件内容？

首先，`nvm`（Node Version Manager）是一个用于管理多个Node.js版本的工具，它允许用户轻松切换和安装不同的Node.js版本。以下是使用`nvm`升级Node.js版本的步骤：

1. **安装或确认安装了 nvm**：
   要使用`nvm`升级Node.js，您首先需要确认您的系统上已经安装了`nvm`。可以通过在终端中运行以下命令来检查：

   ```
   nvm --version
   ```

   如果您还没有安装`nvm`，可以访问官方的[nvm GitHub仓库](https://github.com/nvm-sh/nvm)来查看安装说明。

2. **列出可用的 Node.js 版本**：
   要检查可用的Node.js版本，您可以使用`nvm`列出所有远程服务器上的版本：

   ```
   nvm ls-remote
   ```

   这个命令会列出所有可用的版本，包括LTS（长期支持）版本。

3. **安装新的 Node.js 版本**：
   当您决定要安装一个特定版本的Node.js时，可以使用以下命令：

   ```
   nvm install <version>
   ```

   您可以将`<version>`替换为特定的版本号，例如`14.17.0`，或者使用`node`代表最新的稳定版本：

   ```
   nvm install node
   ```

   这将安装最新的稳定Node.js版本。

4. **切换至新版本**：
   安装完新版本后，您可以使用如下命令切换到新版本：

   ```
   nvm use <version>
   ```

   类似地，将`<version>`替换为您刚才安装的版本号，或者使用`node`来选择最新安装的版本。

5. **确认新版本的 Node.js**：
   完成上述步骤后，您可以通过以下命令确认当前使用的Node.js版本：

   ```
   node --version
   ```

   这应该显示您刚才选择的版本。

6. **升级 npm（如果需要的话）**：
   某些时候，您可能还需要升级`npm`（Node包管理器）。您可以使用以下命令来升级`npm`：

   ```
   npm install -g npm
   ```

7. **设置默认 Node.js 版本**：
   如果您希望每次打开一个新的终端时都使用新版的Node.js，可以将它设置为默认版本：

   ```
   nvm alias default <version>
   ```

8. **如果有必要，重新安装全局包**：
   有时候，升级Node.js后，您可能需要重新安装全局Node包。您可以通过查看当前版本的全局包，然后在新版本中重新安装它们。

   ```
   nvm ls-remote --reinstall-packages-from=<old_version>
   ```

   将`<old_version>`替换为您之前使用的Node.js版本。

通过这些步骤，您应该能够在不影响旧版Node.js及其依赖的情况下，安全且正确地使用`nvm`升级Node.js版本。

This may work:

    nvm install NEW_VERSION --reinstall-packages-from=OLD_VERSION
    

For example:

    nvm install 6.7 --reinstall-packages-from=6.4
    

then, if you want, you can delete your previous version with:

    nvm uninstall OLD_VERSION
    

Where, in your case, NEW\_VERSION = 5.4 OLD\_VERSION = 5.0

Alternatively, try:

    nvm install node --reinstall-packages-from=current
    

Or you can update to the last long-term support version with

    nvm install lts --reinstall-packages-from=current

You can more simply run one of the following commands:

**Latest version**:

    nvm install node --reinstall-packages-from=node
    

**Stable (LTS) version**: (if currently in use)

    nvm install "lts/*" --reinstall-packages-from="$(nvm current)"
    

This will install the appropriate version and reinstall all packages from the currently used node version.

This saves you from manually handling the specific versions.

* * *

Kudos to @m4js7er for commenting about the LTS version.

> ⚡ **TWO** Simple Solutions:

To install the latest version of node and reinstall the old version packages just run the following command.

    nvm install node --reinstall-packages-from=node
    

To install the latest `lts` (long term support) version of node and reinstall the old version packages just run the following command.

    nvm install --lts /* --reinstall-packages-from=node
    

> Here's a **GIF** animation to support this answer:

> [![nvm](https://i.imgur.com/ZEvUYVo.gif)](https://i.imgur.com/ZEvUYVo.gif)

Here are the steps that worked for me for **Ubuntu** OS and using `nvm`

Go to nodejs website and get the last **LTS** version (for example the version will be: x.y.z)

    nvm install x.y.z
    # In my case current version is: 14.15.4 (and had 14.15.3)
    

After that, execute `nvm list` and you will get list of node versions installed by nvm.

Now you need to switch to the default last installed one by executing:

    nvm alias default x.y.z
    

List again or run `nvm --version` to check: [![enter image description here](https://i.stack.imgur.com/zCtUx.png)](https://i.stack.imgur.com/zCtUx.png)

**Update**: sometimes even if i go over the steps above it doesn't work, so what i did was removing the symbolic links in `/usr/local/bin`

    cd /usr/local/bin
    sudo rm node npm npx
    

And relink:

    sudo ln -s $(which node) /usr/local/bin/nodesudo && ln -s $(which npm) /usr/local/bin/npmsudo && ln -s $(which npx) /usr/local/bin/npx

if you have 4.2 and want to install 5.0.0 then

    nvm install v5.0.0 --reinstall-packages-from=4.2
    

the answer of gabrielperales is right except that he missed the "=" sign at the end. if you don't put the "=" sign then new node version will be installed but the packages won't be installed.

source: [sitepoint](https://www.sitepoint.com/quick-tip-multiple-versions-node-nvm/)

如何使用 nvm 正确的升级 nodejs 版本？

Bower和npm在功能上有着明显的区别，主要体现在它们各自的侧重点和使用场景上。以下是主要的区别：

1. **侧重点不同**：
   - **Bower**：Bower是一个前端包管理工具，专注于HTML、CSS、JavaScript等前端技术的库和框架的管理。Bower的特点是可以解决前端库的依赖问题，例如，当你需要引入一个前端库时，Bower可以自动下载该库所依赖的其他库。
   - **npm**：npm（Node Package Manager）起初是Node.js的包管理工具，用于管理Node.js模块。然而，随着前端工具链的发展，npm也被广泛用于前端项目中，它可以用来安装和管理项目依赖的库和工具，如React、Angular或Webpack等。

2. **项目结构**：
   - **Bower**：往往会将依赖安装到项目的`bower_components`目录下。
   - **npm**：会将依赖放入`node_modules`目录。

3. **包内容**：
   - **Bower**：通常包含的是编译后的代码，即最终将在浏览器中运行的代码。
   - **npm**：可能包含源码、编译后的代码，也可能包含命令行工具等。

4. **依赖管理**：
   - **Bower**：使用`bower.json`文件来管理项目的依赖关系。
   - **npm**：使用`package.json`文件来管理依赖，并且在npm v5之后，默认生成一个`package-lock.json`或在Yarn中的`yarn.lock`来锁定依赖版本，确保不同环境下安装的依赖版本一致。

5. **命令行接口**：
   - **Bower**：提供了一系列简单的命令来安装和管理前端库，例如`bower install`、`bower update`等。
   - **npm**：提供了更全面的命令行工具，不仅能安装和管理包，还能运行脚本，发布模块等，如`npm install`、`npm update`、`npm run`等。

6. **社区和生态**：
   - **Bower**：在早期前端开发中被广泛使用，但随着前端工具链的发展和npm的成熟，Bower的使用已经大幅减少。Bower自2017年起不再推荐使用，并且建议用户迁移到npm上。
   - **npm**：有着庞大的社区支持和丰富的模块生态。随着Node.js的流行，npm成为了JavaScript世界中最大的模块仓库。

举个例子，假设你在开发一个Web应用，需要引入jQuery和Bootstrap，使用Bower的话，你只需要运行`bower install jquery bootstrap`，Bower会将这两个库及其依赖的其他库（如jQuery可能被Bootstrap所依赖）下载到`bower_components`目录下。然而，随着工具如Webpack和npm脚本的流行，你现在更可能使用npm来管理这些依赖，通过`npm install jquery bootstrap`命令来安装，并通过Webpack这样的模块打包工具来组织这些库和你的应用代码。

总结来说，Bower和npm在设计上针对不同的问题和应用场景。随着前端工具链的不断发展，npm已经成为前后端通用的依赖管理工具，而Bower则逐渐淡出了主流的开发实践。

All package managers have many downsides. You just have to pick which you can live with.

History
-------

[npm](https://www.npmjs.org) started out managing node.js modules (that's why packages go into `node_modules` by default), but it works for the front-end too when combined with [Browserify](http://browserify.org/) or [webpack](https://webpack.js.org/).

[Bower](http://bower.io) is created solely for the front-end and is optimized with that in mind.

Size of repo
------------

npm is much, much larger than bower, including general purpose JavaScript (like `country-data` for country information or `sorts` for sorting functions that is usable on the front end or the back end).

Bower has a much smaller amount of packages.

Handling of styles etc
----------------------

Bower includes styles etc.

npm is focused on JavaScript. Styles are either downloaded separately or required by something like `npm-sass` or `sass-npm`.

Dependency handling
-------------------

The biggest difference is that npm does nested dependencies (but is flat by default) while Bower requires a flat dependency tree _(puts the burden of dependency resolution on the user)_.

A nested dependency tree means that your dependencies can have their own dependencies which can have their own, and so on. This allows for two modules to require different versions of the same dependency and still work. Note since npm v3, the dependency tree will be flat by default (saving space) and only nest where needed, e.g., if two dependencies need their own version of Underscore.

Some projects use both: they use Bower for front-end packages and npm for developer tools like Yeoman, Grunt, Gulp, JSHint, CoffeeScript, etc.

* * *

Resources
---------

*   [Nested Dependencies](http://maxogden.com/nested-dependencies.html) - Insight into why node\_modules works the way it does

This answer is an addition to the answer of Sindre Sorhus. The major difference between npm and Bower is the way they treat recursive dependencies. Note that they can be used together in a single project.

**On the [npm FAQ](https://web.archive.org/web/20150906022540/https://docs.npmjs.com/misc/faq#why-can-t-npm-just-put-everything-in-one-place-like-other-package-managers):** (archive.org link from 6 Sep 2015)

> It is much harder to avoid dependency conflicts without nesting dependencies. This is fundamental to the way that npm works, and has proven to be an extremely successful approach.

**On [Bower](http://bower.io/) homepage:**

> Bower is optimized for the front-end. Bower uses a flat dependency tree, requiring only one version for each package, reducing page load to a minimum.

In short, npm aims for stability. Bower aims for minimal resource load. If you draw out the dependency structure, you will see this:

npm:

    project root
    [node_modules] // default directory for dependencies
     -> dependency A
     -> dependency B
        [node_modules]
        -> dependency A
    
     -> dependency C
        [node_modules]
        -> dependency B
          [node_modules]
           -> dependency A 
        -> dependency D
    

As you can see it installs some dependencies recursively. Dependency A has three installed instances!

Bower:

    project root
    [bower_components] // default directory for dependencies
     -> dependency A
     -> dependency B // needs A
     -> dependency C // needs B and D
     -> dependency D
    

Here you see that all unique dependencies are on the same level.

**So, why bother using npm?**

Maybe dependency B requires a different version of dependency A than dependency C. npm installs both versions of this dependency so it will work anyway, but Bower will give you a _conflict_ because it does not like duplication (because loading the same resource on a webpage is very inefficient and costly, also it can give some serious errors). You will have to manually pick which version you want to install. This can have the effect that one of the dependencies will break, but that is something that you will need to fix anyway.

So, the common usage is Bower for the packages that you want to publish on your webpages (e.g. _runtime_, where you avoid duplication), and use npm for other stuff, like testing, building, optimizing, checking, etc. (e.g. _development time_, where duplication is of less concern).

**Update for npm 3:**

npm 3 still does things differently compared to Bower. It will install the dependencies globally, but only for the first version it encounters. The other versions are installed in the tree (the parent module, then node\_modules).

*   \[node\_modules\]
    *   dep A v1.0
    *   dep B v1.0
        *   dep A v1.0 (uses root version)
    *   dep C v1.0
        *   dep A v2.0 (this version is different from the root version, so it will be an nested installation)

For more information, I suggest reading the [docs of npm 3](https://docs.npmjs.com/how-npm-works/npm3-dupe)

**TL;DR: The biggest difference in everyday use isn't nested dependencies... it's the difference between modules and globals.**

I think the previous posters have covered well some of the basic distinctions. (npm's use of nested dependencies is indeed very helpful in managing large, complex applications, though I don't think it's the most important distinction.)

I'm surprised, however, that nobody has explicitly explained one of the most fundamental distinctions between Bower and npm. If you read the answers above, you'll see the word 'modules' used often in the context of npm. But it's mentioned casually, as if it might even just be a syntax difference.

But this distinction of **modules vs. globals** (or modules vs. 'scripts') is possibly the most important difference between Bower and npm. _The npm approach of putting everything in modules requires you to change the way you write Javascript for the browser, almost certainly for the better._

### The Bower Approach: Global Resources, Like `<script>` Tags

At root, Bower is about loading plain-old script files. Whatever those script files contain, Bower will load them. Which basically means that Bower is just like including all your scripts in plain-old `<script>`'s in the `<head>` of your HTML.

So, same basic approach you're used to, but you get some nice automation conveniences:

*   You used to need to include JS dependencies in your project repo (while developing), or get them via CDN. Now, you can skip that extra download weight in the repo, and somebody can do a quick `bower install` and instantly have what they need, locally.
*   If a Bower dependency then specifies its own dependencies in its `bower.json`, those'll be downloaded for you as well.

But beyond that, _Bower doesn't change how we write javascript_. Nothing about what goes inside the files loaded by Bower needs to change at all. In particular, this means that the resources provided in scripts loaded by Bower will (usually, but not always) still be defined as _global variables_, available from anywhere in the browser execution context.

### The npm Approach: Common JS Modules, Explicit Dependency Injection

All code in Node land (and thus all code loaded via npm) is structured as modules (specifically, as an implementation of the [CommonJS module format](http://wiki.commonjs.org/wiki/Modules), or now, as an ES6 module). So, if you use NPM to handle browser-side dependencies (via Browserify or something else that does the same job), you'll structure your code the same way Node does.

Smarter people than I have tackled the question of 'Why modules?', but here's a capsule summary:

*   Anything inside a module is effectively _namespaced_, meaning it's not a global variable any more, and you can't accidentally reference it without intending to.
*   Anything inside a module must be intentionally injected into a particular context (usually another module) in order to make use of it
*   This means you can have multiple versions of the same external dependency (lodash, let's say) in various parts of your application, and they won't collide/conflict. (This happens surprisingly often, because your own code wants to use one version of a dependency, but one of your external dependencies specifies another that conflicts. Or you've got two external dependencies that each want a different version.)
*   Because all dependencies are manually injected into a particular module, it's very easy to reason about them. You know for a fact: _"The only code I need to consider when working on this is what I have intentionally chosen to inject here"_.
*   Because even the content of injected modules is _encapsulated_ behind the variable you assign it to, and all code executes inside a limited scope, surprises and collisions become very improbable. It's much, much less likely that something from one of your dependencies will accidentally redefine a global variable without you realizing it, or that you will do so. (It _can_ happen, but you usually have to go out of your way to do it, with something like `window.variable`. The one accident that still tends to occur is assigning `this.variable`, not realizing that `this` is actually `window` in the current context.)
*   When you want to test an individual module, you're able to very easily know: exactly what else (dependencies) is affecting the code that runs inside the module? And, because you're explicitly injecting everything, you can easily mock those dependencies.

To me, the use of modules for front-end code boils down to: working in a much narrower context that's easier to reason about and test, and having greater certainty about what's going on.

* * *

It only takes about 30 seconds to learn how to use the CommonJS/Node module syntax. Inside a given JS file, which is going to be a module, you first declare any outside dependencies you want to use, like this:

`var React = require('react');`

Inside the file/module, you do whatever you normally would, and create some object or function that you'll want to expose to outside users, calling it perhaps `myModule`.

At the end of a file, you export whatever you want to share with the world, like this:

`module.exports = myModule;`

Then, to use a CommonJS-based workflow in the browser, you'll use tools like Browserify to grab all those individual module files, encapsulate their contents at runtime, and inject them into each other as needed.

AND, since ES6 modules (which you'll likely transpile to ES5 with Babel or similar) are gaining wide acceptance, and work both in the browser or in Node 4.0, we should mention a [good overview](https://24ways.org/2014/javascript-modules-the-es6-way/) of those as well.

More about patterns for working with modules in [this deck](http://darrenderidder.github.io/talks/ModulePatterns/).

* * *

EDIT (Feb 2017): Facebook's [Yarn](http://yarnpkg.com) is a very important potential replacement/supplement for npm these days: fast, deterministic, offline package-management that builds on what npm gives you. It's worth a look for any JS project, particularly since it's so easy to swap it in/out.

* * *

EDIT (May 2019) "Bower has finally been [deprecated](https://bower.io/blog/2017/how-to-migrate-away-from-bower/). End of story." (h/t: @DanDascalescu, below, for pithy summary.)

And, while Yarn [is still active](https://github.com/yarnpkg/yarn/issues/6953), a lot of the momentum for it shifted back to npm once it adopted some of Yarn's key features.

2017-Oct update
---------------

Bower has finally been [deprecated](https://bower.io/blog/2017/how-to-migrate-away-from-bower/). End of story.

Older answer
------------

[From Mattias Petter Johansson, JavaScript developer at Spotify](https://www.quora.com/Why-use-Bower-when-there-is-npm/answer/Mattias-Petter-Johansson):

> In almost all cases, it's more appropriate to use Browserify and npm over Bower. It is simply a better packaging solution for front-end apps than Bower is. At Spotify, we use npm to package entire web modules (html, css, js) and it works very well.
> 
> Bower brands itself as the package manager for the web. It would be awesome if this was true - a package manager that made my life better as a front-end developer would be awesome. The problem is that Bower offers no specialized tooling for the purpose. It offers NO tooling that I know of that npm doesn't, and especially none that is specifically useful for front-end developers. **There is simply no benefit for a front-end developer to use Bower over npm.**
> 
> We should stop using bower and consolidate around npm. Thankfully, that is what [is happening](http://www.modulecounts.com/):

[![Module counts - bower vs. npm](https://i.stack.imgur.com/HLBsP.png)](https://i.stack.imgur.com/HLBsP.png)

> With browserify or webpack, it becomes super-easy to concatenate all your modules into big minified files, which is awesome for performance, especially for mobile devices. Not so with Bower, which will require significantly more labor to get the same effect.
> 
> npm also offers you the ability to use multiple versions of modules simultaneously. If you have not done much application development, this might initially strike you as a bad thing, but once you've gone through a few bouts of [Dependency hell](http://en.wikipedia.org/wiki/Dependency_hell) you will realize that having the ability to have multiple versions of one module is a pretty darn great feature. Note that npm includes a very handy [dedupe tool](https://docs.npmjs.com/cli/dedupe) that automatically makes sure that you only use two versions of a module if you actually _have_ to - if two modules both _can_ use the same version of one module, they will. But if they _can't_, you have a very handy out.

(Note that [Webpack](https://www.reddit.com/r/javascript/comments/2is81v/why_is_not_systemjs_dominating_the_field_of/cla66t3) and [rollup](https://nolanlawson.com/2016/08/15/the-cost-of-small-modules/) are widely regarded to be better than Browserify as of Aug 2016.)

Bower maintains a single version of modules, it only tries to help you select the correct/best one for you.

> [Javascript dependency management : npm vs bower vs volo?](https://stackoverflow.com/questions/15092345/javascript-dependency-management-npm-vs-bower-vs-volo/22101165#22101165)

NPM is better for node modules because there is a module system and you're working locally. Bower is good for the browser because currently there is only the global scope, and you want to be very selective about the version you work with.

Bower 和 npm 有什么区别

在Node.js中，可以通过npm（Node包管理器）来卸载已安装的模块。卸载npm模块的基本命令格式如下：

```bash
npm uninstall <module_name>
```

这里是详细步骤和示例：

1. **全局卸载模块**：
   如果模块是全局安装的，需要使用 `-g`标志来卸载它。例如，如果您想全局卸载名为 `nodemon`的模块，您可以使用以下命令：

   ```bash
   npm uninstall -g nodemon
   ```
2. **本地卸载模块**：
   如果模块是作为项目依赖安装的，那么您可以直接在项目根目录中执行卸载命令。比如您的项目使用了 `express`，卸载它的命令如下：

   ```bash
   npm uninstall express
   ```

这将会从您的 `node_modules`目录中移除 `express`模块，并且同时更新 `package.json`和 `package-lock.json`文件中的依赖信息。

3. **保存到依赖列表中的卸载**：
   若您在安装模块时使用了 `--save`、`--save-dev`或 `--save-optional`标志，卸载时也应该考虑是否需要从相关的依赖列表中移除。例如，如果 `express`是作为开发依赖（devDependency）安装的，卸载并更新 `package.json`的命令如下：

   ```bash
   npm uninstall --save-dev express
   ```
4. **检查是否正确卸载**：
   卸载后，您可以通过检查项目的 `node_modules`目录，或者使用 `npm list`命令来确认模块是否已被正确卸载。

   ```bash
   npm list
   npm list -g   # 用于检查全局模块
   ```

请注意，有时候即使卸载了一个模块，该模块的依赖可能仍然存在于 `node_modules`目录中。如果您想彻底清理不再需要的模块，可以使用如 `npm prune`的命令来移除项目中未列在 `package.json`文件中的所有模块。

以上就是在Node.js中卸载npm模块的基本步骤。


The command is simply `npm uninstall <name>`

The Node.js documents [https://npmjs.org/doc/](https://npmjs.org/doc/) have all the commands that you need to know with npm.

A local install will be in the `node_modules/` directory of your application. This won't affect the application if a module remains there with no references to it.

If you're removing a global package, however, any applications referencing it will crash.

Here are different options:

`npm uninstall <name>` removes the module from `node_modules` but does not update `package.json`

`npm uninstall <name> --save` also removes it from `dependencies`in `package.json`

`npm uninstall <name> --save-dev` also removes it from `devDependencies` in `package.json`

`npm uninstall -g <name> --save` also removes it globally

If it doesn't work with `npm uninstall <module_name>` try it globally by typing `-g`.

Maybe you just need to do it as an superUser/administrator with `sudo npm uninstall <module_name>`.

Well, to give a complete answer to this question, there are [two methods](https://docs.npmjs.com/getting-started/uninstalling-local-packages) (for example we call the installed module as module1):

1.  To remove module1 **without** changing package.json:
    
    `npm uninstall module1`
    
2.  To remove module1 **with** changing package.json, and removing it from the dependencies in package.json:
    
    `npm uninstall --save module1`
    

Note: to simplify the above mentioned commands, you can use **\-S** instead of **\--save** , and can use **remove**, **rm**, **r**, **un**, **unlink** instead of **uninstall**

I just install _stylus_ by default under my home dir, so I just use `npm uninstall stylus` to detach it, or you can try `npm rm <package_name>` out.

To uninstall the Node.js module:

    npm uninstall <module_name>
    

This will remove the module from folder _node\_modules_, but not from file _package.json_. So when we do npm install again it will download the module.

So to remove the module from file _package.json_, use:

    npm uninstall <module_name> --save
    

This also deletes the dependency from file _package.json_.

And if you want to uninstall any globally module you can use:

    npm -g uninstall <module_name> --save
    

This will delete the dependency globally.

如何卸载NodeJS 中的npm 依赖包？

要将Node.js和npm更新到最新的版本，需要遵循一系列步骤，这取决于您的操作系统以及您当前安装Node.js的方式。以下是一些通用的指导步骤，适用于多种操作系统：

### 使用包管理器更新

#### 对于 macOS 和 Linux 用户：

1. **使用Homebrew**（如果是macOS并且之前通过Homebrew安装）:
   安装Homebrew:
   ```sh
   /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
   ```
   更新Node.js:
   ```sh
   brew update
   brew upgrade node
   ```

2. **使用n或nvm**（Node.js版本管理器）:
   安装n（简化版本管理器）:
   ```sh
   npm install -g n
   ```
   使用n更新到最新的稳定版本:
   ```sh
   n stable
   ```

   或者安装nvm（Node版本管理器）:
   ```sh
   curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
   # 或者使用Wget:
   wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
   ```
   通过nvm安装最新的Node.js版本:
   ```sh
   nvm install node # "node"是指最新版本
   nvm use node
   ```

#### 对于Windows用户：

如果你是通过Windows包管理器如Chocolatey安装的，可以使用以下命令：

```sh
choco upgrade nodejs
```

或者，您也可以使用nvm-windows，一个专为Windows环境设计的nvm版本：

```sh
nvm install latest
nvm use latest
```

### 手动更新

如果你没有使用任何包管理器，你可以手动下载最新的Node.js安装包：

1. 访问Node.js官方网站 [Node.js](https://nodejs.org/)。
2. 根据您的操作系统选择相应的安装包下载。
3. 运行下载的安装程序并遵循其指示以完成安装。

### 更新npm

通常，更新Node.js后，npm也会更新。但是，如果需要手动更新npm，可以使用以下命令：

```sh
npm install -g npm@latest
```

这会将npm更新到最新的版本。

### 验证更新

安装完毕后，您可以运行下面的命令来验证Node.js和npm的版本：

```sh
node -v
npm -v
```

这两条命令将会显示您当前的Node.js和npm版本，从而验证更新是否成功。

请记住，更新到最新版本可能会导致与旧项目的兼容性问题，因此在更新之前最好备份您的项目。此外，某些项目可能依赖于特定的Node.js版本，所以在升级到最新的版本之前，请确保阅读项目文档以避免潜在的版本冲突。

Use:

    npm update -g npm
    

See the documentation for the **[`update`](https://docs.npmjs.com/cli/update)** command:

> `npm update [-g] [<pkg>...]`
> 
> This command will update all the packages listed to the latest version (specified by the tag config), respecting semver.

Additionally, see the documentation on [Node.js and NPM installation](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) and [Upgrading NPM](https://docs.npmjs.com/try-the-latest-stable-version-of-npm).

The following original answer is from the old FAQ that no longer exists, but it should work for Linux and Mac:

> How do I update npm?
> --------------------
> 
>     npm install -g npm
>     
> 
> Please note that this command will remove your current version of npm. Make sure to use `sudo npm install -g npm` if on a Mac.
> 
> You can also update all outdated local packages by doing `npm update` without any arguments, or global packages by doing `npm update -g`.
> 
> Occasionally, the version of npm will progress such that the current version cannot be properly installed with the version that you have installed already. (Consider, if there is ever a bug in the update command.) In those cases, you can do this:
> 
>     curl https://www.npmjs.com/install.sh | sh
>     

To update Node.js itself, I recommend you use [nvm, the Node Version Manager](https://github.com/creationix/nvm).

I found this really neat way of updating Node.js on [David Walsh's blog](http://davidwalsh.name/upgrade-nodejs). You can do it by installing **[`n`](https://www.npmjs.com/package/n)**:

    sudo npm cache clean -f
    sudo npm install -g n
    sudo n stable
    

It will install the current stable version of Node.js.

* * *

But please don't use `n` anymore. I recommend using **[`nvm`](https://github.com/creationix/nvm)**. You can simply install stable by following the commands below:

    nvm ls-remote
    nvm install <version>
    nvm use <version>

Updating npm is easy:

    npm install npm@latest -g

I understand this question is for a Linux machine, but just in case anybody is looking for a Windows solution, just go to [the Node.js site](http://nodejs.org/), click the **download** button on the homepage and execute the installer program.

Thankfully, it took care of everything, and with a few clicks of the Next button, I got the latest 0.8.15 Node.js version running on my [Windows 7](https://en.wikipedia.org/wiki/Windows_7) machine.

As you may already know, _npm_ is currently bundled with Node.js. It means that if you have installed Node.js, you've already installed npm as well.

Also, pay attention to the [Node.js and npm release versions table](https://nodejs.org/en/download/releases/) that shows us approximate versions compatibility. Sometimes, versions discrepancy may cause incompatibility errors.

So, if you're a developer, it's kind of "best practice" to manage your development environment using one of the Node.js version managers.

Here is a list and usage notes of some of the most popular:

Homebrew _(macOS)_
------------------

If you're on **macOS**, you can use [Homebrew](http://brew.sh/).

_Actually, it's not just a Node.js version manager._

To install Homebrew to your Mac:

    ruby -e "$(curl -fsSL https://raw.github.com/Homebrew/homebrew/go/install)"
    

To install Node.js and npm using Homebrew, run:

    brew install node
    

Later, you will be able to update them using:

    brew update && brew upgrade node
    

Also, you can _switch_ between Node.js versions as well:

    brew switch node 0.10.26
    

**npm** will be _upgraded/downgraded_ automatically.

n _(macOS, Linux)_
------------------

[n](https://github.com/tj/n) is most likely to _rvm_ (Ruby Version Manager), and is used to manage Node.js and npm versions simultaneously. It is written on pure **Linux shell**, and available as an [npm module](https://www.npmjs.org/package/n). So, if you already have any Node.js version installed, you can _install/update_ the _n_ package through npm:

    npm install -g n
    

Downloading, installing and switching to Node.js and **npm** versions is as easy as:

    n 0.10.26
    n 0.8.17
    n 0.9.6
    

To download, install, and switch to the **latest** official release, use:

    n latest
    

To download, install, and switch to the latest **stable** official release, use:

    n stable
    

To switch to the previously active version (aka `$ cd -`), use:

    n prev
    

If you want to see the list of installed Node.js versions, just run `n` from your command line. The output will be something like the following:

    n
    

Output:

      0.10.26
    • 0.8.17
      0.9.6
    

Where the dot (•) means that it's a currently active version. To select another Node.js version from the list, use Up/Down arrow keys and activate using the Enter key.

To list the versions available to install:

    n lsr
    

nvm _(macOS, Linux)_
--------------------

[nvm](https://github.com/creationix/nvm) is also like rvm, even the command names and usage are very similar.

To install nvm, you can use the [installation script](https://github.com/creationix/nvm/blob/master/install.sh) (requires Git) using `cURL`:

    curl https://raw.github.com/creationix/nvm/master/install.sh | sh
    

or [Wget](https://en.wikipedia.org/wiki/Wget):

    wget -qO- https://raw.github.com/creationix/nvm/master/install.sh | sh
    

To download and install a specific Node.js and npm version, use:

    nvm install 0.10
    

Then, you can switch to the installed version, using:

    nvm use 0.10
    

Also, you can create the _.nvmrc_ file containing the version number, then switch to the specified version using the following command:

    nvm use
    

To see the list of installed Node.js versions, use:

    nvm ls
    

To list the versions available to install:

    nvm ls-remote
    

nvm-windows _(Windows)_
-----------------------

[nvm-windows](https://github.com/coreybutler/nvm-windows#node-version-manager-nvm-for-windows) is a Node.js version management utility for Windows, ironically written in [Go](https://en.wikipedia.org/wiki/Go_%28programming_language%29).

_It is not the same thing as nvm_. However, the usage as a Node.js version manager is very similar.

To install nvm-windows, it is required to uninstall any existing versions of Node.js and npm beforehand. Then, download and run the [latest installer from releases](https://github.com/coreybutler/nvm-windows/releases).

To upgrade nvm-windows, run the new installer. It will safely overwrite the files it needs to update without touching your Node.js installations.

nvm-windows runs in an Admin shell. You'll need to start PowerShell or Command Prompt as _Administrator_ to use nvm-windows.

Before using, you may also need to enable nvm-windows with the following command:

    nvm on
    

To download and install a specific Node.js and npm version, use:

    nvm install 0.12
    

Then, you can switch to the installed version, using:

    nvm use 0.12
    

If you want to see the list of installed Node.js versions, use:

    nvm list
    

To list the versions available to install:

    nvm list available

如何将 NodeJS 和 NPM 升级到最新版本？

当您在`package.json`文件的依赖项列表中看到波浪号(~)和插入符号(^)，这两个符号都是用来指定npm包的版本范围的。不过，它们指定的版本范围有所不同。

### 波浪号(~)

波浪号`~`后面的版本号意味着当您运行`npm install`时，npm会安装该版本号指定的小版本（minor version）中最新的补丁版本（patch version）。也就是说，它允许安装与指定版本在小版本号相同，但是补丁版本号更高的包。

#### 例子：

如果`package.json`中的依赖项写为`"library": "~1.2.3"`，那么安装的将是1.2.x的最新版本，`x`代表该小版本中的最新补丁。因此，如果最新版本是1.2.4，您将得到1.2.4。但是它不会安装1.3.0，因为这已经是下一个小版本了。

### 插入符号(^)

插入符号`^`后面的版本号意味着当您运行`npm install`时，npm会安装与指定的主版本号（major version）相同的最新版本，但允许小版本（minor version）和补丁版本（patch version）的变动。

#### 例子：

如果`package.json`中的依赖项写为`"library": "^1.2.3"`，那么安装的将是1.x.x的最新版本，只要它不是主版本号变更（比如到2.0.0），都是允许的。所以，如果存在1.3.0或者1.4.1这样的版本，使用`^`会允许安装这些版本。

### 总结

简而言之，插入符号`^`允许更宽泛的版本升级，适用于那些遵循语义化版本（semver）并且对小版本和补丁版本的更新只包含向后兼容的更改时。波浪号`~`则更加保守，只允许补丁级别的更新，适用于对版本更新更加谨慎的场景。

在实际开发中，选择使用哪个取决于对依赖包更新的控制需求以及对三方库的信任度。如果信任库的维护者遵循严格的语义化版本原则，使用`^`可以更方便地获取功能更新和bug修复。如果希望更谨慎地更新依赖，以避免可能引入的不兼容更改，使用`~`会更保险。

See the [NPM docs](https://docs.npmjs.com/cli/v8/configuring-npm/package-json#dependencies) and [semver docs](https://docs.npmjs.com/cli/v6/using-npm/semver):

*   `~version` **“Approximately equivalent to version”**, will update you to all future patch versions, without incrementing the minor version. `~1.2.3` will use releases from 1.2.3 to <1.3.0.
    
*   `^version` **“Compatible with version”**, will update you to all future minor/patch versions, without incrementing the major version. `^1.2.3` will use releases from 1.2.3 to <2.0.0.
    

See Comments below for exceptions, in particular [for pre-one versions, such as ^0.2.3](https://stackoverflow.com/questions/22343224/whats-the-difference-between-tilde-and-caret-in-package-json#comment53973834_22345808)

I would like to add the official npmjs documentation as well which describes all methods for version specificity including the ones referred to in the question

value

desc

`~version`

Approximately equivalent to version, i.e., only accept new **patch** versions  
See [npm semver - Tilde Ranges](https://github.com/npm/node-semver#tilde-ranges-123-12-1)

`^version`

Compatible with version, i.e., accept new **minor and patch** versions  
See [npm semver - Caret Ranges](https://github.com/npm/node-semver#caret-ranges-123-025-004)

`version`

Must match version exactly

`>version`

Must be greater than version

`>=version`

Must be equal or greater than version

`<version`

Must be lesser than version

`<=version`

Must be equal or lesser than version

`1.2.x`

1.2.0, 1.2.1, etc., but not 1.3.0

`*`

Matches any version

`latest`

Obtains latest release

The above list is not exhaustive. Other version specifiers include GitHub urls and GitHub user repo's, local paths and packages with specific npm tags

### Official Docs

*   [npm docs > package.json > dependencies](https://docs.npmjs.com/cli/v7/configuring-npm/package-json#dependencies)
*   [npm docs > semver > versions](https://docs.npmjs.com/cli/v7/using-npm/semver#versions)
*   [semver (7)](http://semver.org/)

The package manager [npm](https://www.npmjs.com/) allows installing a newer package version than the one specified.  
Using tilde (`~`) gives you bug-fix releases, while caret (`^`) in addition gives you backward-compatible new functionality.

The problem is that old versions usually don't receive bug fixes, so npm uses caret (`^`) as the default for `--save`.

[![SemVer table](https://i.stack.imgur.com/JQ4ei.png)](https://i.stack.imgur.com/JQ4ei.png)

Source: ["SemVer explained - why there's a caret (^) in my package.json?"](http://bytearcher.com/articles/semver-explained-why-theres-a-caret-in-my-package-json/).

**Note** that the rules apply to versions above 1.0.0. Not every project follows semantic versioning.  
For versions 0.x.x the caret allows only _patch_ updates, i.e., it behaves the same as the tilde.  
See ["Caret Ranges"](https://github.com/npm/node-semver#caret-ranges-123-025-004).

Here's a visual explanation of the concepts:

> ![semver diagram](https://bytearcher.com/goodies/semantic-versioning-cheatsheet/wheelbarrel-with-tilde-caret-white-bg-w1000.jpg)

Source: ["Semantic Versioning Cheatsheet"](http://bytearcher.com/goodies/semantic-versioning-cheatsheet).

Semver
------

    <major>.<minor>.<patch>-beta.<beta> == 1.2.3-beta.2
    

*   Use [npm semver calculator](https://semver.npmjs.com/) for testing. Although the explanations for ^ (include everything greater than a particular version in the same major range) and ~ (include everything greater than a particular version in the same minor range) aren't a 100% correct, the calculator seems to work fine.
*   Alternatively, use [SemVer Check](http://jubianchi.github.io/semver-check/) instead, which doesn't require you to pick a package and also offers explanations.

Allow or disallow changes
-------------------------

*   Pin version: `1.2.3`.
*   Use `^` (like head). Allows updates at the second non-zero level from the left: `^0.2.3` means `0.2.3 <= v < 0.3`.
*   Use `~` (like tail). Generally freeze right-most level or set zero if omitted:
*   `~1` means `1.0.0 <= v < 2.0.0`
*   `~1.2` means `1.2.0 <= v < 1.3.0`.
*   `~1.2.4` means `1.2.4 <= v < 1.3.0`.
*   Ommit right-most level: `0.2` means `0.2 <= v < 1`. Differs from `~` because:
    *   Starting omitted level version is always `0`
    *   You can set starting major version without specifying sublevels.

All (hopefully) possibilities
-----------------------------

**Set starting major-level and allow updates upward**

    *  or "(empty string)   any version
    1                         v >= 1
    

**Freeze major-level**

    ~0 (0)            0.0 <= v < 1
    0.2               0.2 <= v < 1          // Can't do that with ^ or ~ 
    ~1 (1, ^1)        1 <= v < 2
    ^1.2              1.2 <= v < 2
    ^1.2.3            1.2.3 <= v < 2
    ^1.2.3-beta.4     1.2.3-beta.4 <= v < 2
    

**Freeze minor-level**

    ^0.0 (0.0)        0 <= v < 0.1
    ~0.2              0.2 <= v < 0.3
    ~1.2              1.2 <= v < 1.3
    ~0.2.3 (^0.2.3)   0.2.3 <= v < 0.3
    ~1.2.3            1.2.3 <= v < 1.3
    

**Freeze patch-level**

    ~1.2.3-beta.4     1.2.3-beta.4 <= v < 1.2.4 (only beta or pr allowed)
    ^0.0.3-beta       0.0.3-beta.0 <= v < 0.0.4 or 0.0.3-pr.0 <= v < 0.0.4 (only beta or pr allowed)
    ^0.0.3-beta.4     0.0.3-beta.4 <= v < 0.0.4 or 0.0.3-pr.4 <= v < 0.0.4 (only beta or pr allowed)
    

**Disallow updates**

    1.2.3             1.2.3
    ^0.0.3 (0.0.3)    0.0.3
    

**Notice**: Missing major, minor, patch or specifying `beta` without number, is the same as `any` for the missing level.

**Notice**: When you install a package which has `0` as major level, the update will only install new beta/pr level version! That's because `npm` sets `^` as default in `package.json` and when installed version is like `0.1.3`, it freezes all major/minor/patch levels.

*   [https://docs.npmjs.com/misc/semver](https://docs.npmjs.com/misc/semver)
*   [https://docs.npmjs.com/files/package.json#dependencies](https://docs.npmjs.com/files/package.json#dependencies)

As long as the first number ("major") is at least 1:

`~` locks major and minor numbers. It is used when you're ready to accept only bug-fixes (increments in the third number), but don't want any other changes, not even minor upgrades that add features.

`^` locks the major number only. It is used when you are willing to receive bug fixes (increments in the third number) and minor upgrades that add features but should not break existing code (increments in the second number). However you do not want changes that break existing code (increments in the first number).

In addition to that, `^` is [not supported](https://stackoverflow.com/questions/22270244/install-grunt-phonegap-error-no-compatible-version-found-urijs1-12-0#comment33861904_22270244) by old npm versions, and should be used with caution.

So, `^` is a good default, but it's not perfect. I suggest to carefully pick and configure the semver operator that is most useful to you.

(Revised to avoid saying "fixes" and "bug-fixes" with conflicting use of "fixes", which is confusing)

Package .json 中波浪号（~）和插入符号（^）有什么区别？

在使用`pnpm`作为包管理工具时，如果你有一个工作区（workspace）项目，可能需要对子包（packages）进行构建，并且这些包之间存在依赖关系。为了控制它们的构建顺序，让依赖项先被构建，你可以使用`pnpm`的几种策略。

### 1. 使用`pnpm -r`或`--recursive`

`pnpm`支持递归地在工作区中运行命令，它会自动识别包之间的依赖关系并按照正确的顺序运行。

```sh
pnpm -r --filter <filter-pattern> run <command>
```

例如，如果你想要构建所有的包，可以使用：

```sh
pnpm -r run build
```

### 2. 使用`--sort`标志

在运行`pnpm -r`时，可以添加`--sort`标志，这样`pnpm`将按照拓扑顺序执行命令，确保依赖先于依赖它们的包被处理。

```sh
pnpm -r --sort run build
```

### 3. 使用`pnpm`的`pnpm-workspace.yaml`文件

通过在`pnpm-workspace.yaml`文件中声明包的顺序，`pnpm`会在执行命令时考虑这个顺序。

```yaml
packages:
  - 'packages/utils'
  - 'packages/core'
  - 'packages/app'
```

`pnpm`会首先处理`packages/utils`，然后是`packages/core`，最后是`packages/app`。

### 4. 使用`pnpm`的过滤标志

`pnpm`支持使用过滤标志来限制命令运行的包的范围。

```sh
pnpm -r --filter "<package-name>" run build
```

你可以指定多个过滤条件来控制执行顺序。

### 5. 编写自定义脚本

如果你有特别复杂的构建需求，可以编写自定义的脚本来控制构建过程。例如，你可以使用Node.js脚本来分析`package.json`文件中的依赖，并按照你的特定需求执行构建任务。

```javascript
const { execSync } = require('child_process');
const { getWorkspaces } = require('some-workspaces-tool');

const buildPackage = (packageName) => {
  console.log(`Building ${packageName}...`);
  execSync(`pnpm run build`, { stdio: 'inherit', cwd: `packages/${packageName}` });
};

const workspaces = getWorkspaces();

// 自定义逻辑来排序和构建包
workspaces.sort(customSortFunction).forEach((workspace) => {
  buildPackage(workspace.name);
});
```

### 示例：

假设你有一个名为`@company/core`的包，它依赖于`@company/utils`。你希望在构建`@company/core`之前构建`@company/utils`。

你可以在`pnpm-workspace.yaml`中像这样指定包的顺序：

```yaml
packages:
  - 'packages/utils'
  - 'packages/core'
```

然后运行以下命令确保按照正确的顺序进行构建：

```sh
pnpm -r --sort run build
```

这会首先构建`utils`包，然后是`core`包。

使用`pnpm`的这些工具和策略，你可以有效地管理你的工作区项目的构建顺序，确保构建过程的正确性和效率。

如何控制 pnpm workspace 的构建顺序？

在使用 `pnpm` 执行命令时，如果您需要向脚本或命令传递任意参数，通常可以在命令后直接添加这些参数。但是，如果需要将参数传递给通过 `pnpm` 运行的npm脚本，则需要在参数前加上 `--` 来确保参数正确传递。

例如，如果您有一个名为 `start` 的npm脚本，您想传递一些任意参数给它，您可以这样做：

```sh
pnpm start -- --user=yourname --port=8080
```

在这个例子中，`--user=yourname` 和 `--port=8080` 是将要传递给 `start` 脚本的参数。`--` 确保 `pnpm` 会把后面的参数原封不动地传递给 `start`，而不是被 `pnpm` 本身消费。

另一个例子，如果你要使用 `pnpm exec` 命令执行一个工具，并且需要传递参数给那个工具，你通常不需要 `--`。例如：

```sh
pnpm exec some-tool --option=value
```

在这种情况下，`--option=value` 是直接传递给 `some-tool` 的参数。

请注意，pnpm的行为可能会与npm和yarn略有不同，但它们都支持使用 `--` 分隔符来传递额外的参数。

I am not sure why it throws an error. Sounds like a bug. However, this will work:

    pnpm run build --foo=bar
    

But it will not create the `npm_config_foo` env variable. It will just append the option to the executed script. So if your build script is `webpack`, then pnpm will run:

    webpack --foo=bar
    

So, it is basically like running `npm run build -- --foo=bar`. Or like running `yarn build --foo=bar`

You can read about this also in the pnpm docs: [https://pnpm.io/cli/run#options](https://pnpm.io/cli/run#options)

Pnpm 执行脚本时如何传递参数?

当您使用 `pnpm` 来安装全局包时，默认情况下，它会将包安装到一个特定的全局目录中。但是，如果需要更改全局包的安装位置，可以通过设置环境变量来实现。

对于 `pnpm` 而言，更改全局依赖包位置的方法如下：

1. **设置环境变量**：您需要设置 `PNPM_HOME` 环境变量，来指定全局依赖包的存储位置。同时，确保将 `${PNPM_HOME}/bin` 目录添加到您的 `PATH` 环境变量中，以便可以从任何地方运行这些全局安装的包。

2. **更新配置文件**：如果您不想每次打开新的终端或会话都设置一次环境变量，可以选择将这些环境变量添加到您的 shell 配置文件中（如 `.bashrc`, `.bash_profile`, `.zshrc` 等），这样它们将自动加载。

下面是在 Unix-like 系统（如 Linux 或 macOS）上设置这些环境变量的步骤：

```sh
# 设置 PNPM_HOME 环境变量来指定全局依赖包的新位置
export PNPM_HOME="/path/to/your/global/pnpm/location"

# 将 PNPM_HOME/bin 添加到 PATH 环境变量中
export PATH="$PNPM_HOME/bin:$PATH"

# 将这些行添加到您的 shell 配置文件中，比如 .bashrc 或 .zshrc，
# 以确保每次新的终端会话都会设置这些变量。
echo 'export PNPM_HOME="/path/to/your/global/pnpm/location"' >> ~/.bashrc
echo 'export PATH="$PNPM_HOME/bin:$PATH"' >> ~/.bashrc
```

如果您使用的是 Windows 系统，则可以在“系统属性”中的“环境变量”设置或通过命令行（例如，使用 PowerShell）来设置环境变量：

```powershell
# 设置 PNPM_HOME 环境变量来指定全局依赖包的新位置
$env:PNPM_HOME="C:\path\to\your\global\pnpm\location"

# 将 PNPM_HOME\bin 添加到 PATH 现有的环境变量中
$env:PATH="$env:PNPM_HOME\bin;$env:PATH"

# 永久设置环境变量，您需要使用 Set-ItemProperty
Set-ItemProperty -Path 'HKCU:\Environment' -Name 'PNPM_HOME' -Value 'C:\path\to\your\global\pnpm\location'
[System.Environment]::SetEnvironmentVariable('PATH', "$env:PNPM_HOME\bin;$env:PATH", [System.EnvironmentVariableTarget]::User)
```

在设置了这些环境变量后，您在使用 `pnpm install -g <package>` 命令安装任何全局包时，pnpm 会将它们安装到您指定的新位置。记得替换上述命令中的 `/path/to/your/global/pnpm/location` 和 `C:\path\to\your\global\pnpm\location` 为您希望全局包安装的实际路径。

For pnpm v6, use `global-dir` instead of `pnpm-prefix`:

    pnpm config set global-dir <dir>
    

Although `<dir>` can be arbitrary, to keep the original directory structure, it should be `<your npm prefix>/pnpm-global`.

From [changelog](https://github.com/pnpm/pnpm/blob/main/packages/pnpm/CHANGELOG.md#600):

> The `pnpm-prefix` setting is removed. Use `global-dir` to specify a custom location for the globally installed packages.

Set the `pnpm-prefix` config with the desired location

    pnpm config set pnpm-prefix <dir>

如何更改 pnpm 安装全局依赖包的存储位置？

迁移项目从npm到pnpm是一个可以提高包管理效率和节省磁盘空间的好方法。下面是一个详细的步骤指南：

### 1. 安装pnpm
首先，你需要在你的机器上安装pnpm。可以通过以下命令安装：

```bash
npm install -g pnpm
```

### 2. 准备迁移
在迁移之前，应该确保当前项目在npm下是处于工作状态的，这包括运行测试和确保所有依赖都是最新的。这样可以比较迁移前后的行为，确保迁移没有引入问题。

### 3. 删除node_modules和package-lock.json
pnpm使用不同的方式来安装和链接依赖，所以需要删除现有的`node_modules`文件夹以及`package-lock.json`或`npm-shrinkwrap.json`文件（如果存在的话）：

```bash
rm -rf node_modules package-lock.json
```

### 4. 使用pnpm安装依赖
现在你可以使用pnpm来安装你的项目依赖了。在你的项目根目录下运行：

```bash
pnpm install
```

这将会安装所有在`package.json`中声明的依赖，并创建一个`pnpm-lock.yaml`文件，类似npm的`package-lock.json`，但是是为了pnpm定制的。

### 5. 测试项目
安装完成后，运行项目的测试和构建脚本，确保一切工作如预期。你可以运行：

```bash
pnpm run test
pnpm run build
# 或者其他相应的脚本
```

如果遇到任何与依赖相关的问题，检查并更新`package.json`中的依赖声明，并确保它们与`pnpm-lock.yaml`匹配。

### 6. 更新CI/CD脚本
如果你的项目使用了持续集成/持续部署(CI/CD)，确保更新相关脚本以使用pnpm命令替代npm命令。

例如，你可能需要更新`.travis.yml`、`Jenkinsfile`、`GitLab-CI.yml`等配置文件。

### 7. 提交更改
提交这些更改到版本控制系统：

```bash
git add pnpm-lock.yaml
git commit -m "Migrate from npm to pnpm"
```

确保不要提交`node_modules`文件夹，通常这个文件夹应该在`.gitignore`中排除。

### 8. 通知团队成员
如果你是在团队中工作，确保通知所有成员他们需要切换到pnpm。你可以提供pnpm安装步骤和迁移后可能遇到的常见问题。

### 9. 监控生产环境
如果迁移后的项目将要部署到生产环境，密切监控应用程序以确保没有因为迁移而引起的问题。如果有问题，根据日志和指标迅速定位问题源头并修复。

以上是将项目从npm迁移到pnpm的一个基本指南。实际过程可能会根据项目的具体情况（如依赖的复杂性，自动化脚本的使用等）而有所不同。

Finally, I have made a backup of `node_modules` and rebuilt it from scratch with `pnpm` and added `concat` to have only one JavaScript source and applied `Google-compiler` to it.

The only difficulty was about `bootstrap` because it has changed a lot in two years. We need to keep the old look of it, so the command I used is `pnpm install bootstrap@3.3.7`.

After completion, the look and feel was identical but `node_modules` has grew from 8 MB to 12 MB...

You can `pnpm import` which takes your `package-lock.json` or `yarn.lock` and generates pnpm's lock file `pnpm-lock.yaml`. After that, you can `pnpm install` to install the dependencies of the project.

[documentation](https://pnpm.io/cli/import)

所有问题