npm dependencies


Dependency types

    "dependencies": { 
        "foo" : "1.0.0 - 2.9999.9999" 
    "devDependencies": {
        "coffee-script": "~1.6.3"
    "peerDependencies": {
        "tea": "2.x"

Demo / Quiz

1. Only peer installed
2. Yours more recent
3. Your less recent

On npm install

  • dependencies: If compatible version is present: does nothing. If not, gets required version and puts it under its node_modules
  • devDependencies: nothing
  • peerDependencies: if version not ok, gives a warning (mind package lock)

On execution

Close to source version has precedence over global version

 - a.v2

b code will use a-v2


Does the same...

i.e. bundle contains multiple versions of the same library


... in a smart way: removes same versions

 - b.v1
 - b.v2
 - b.v2

bundle contains b.v1 and b.v2

So everything works?


  • objects passed around could be of different kind
  • instance of
  • global variables or properties
  • all relies on semantic versioning

Semantic versioning

So what?

In your project

  • dependencies or devDependencies are the same: both are installed with npm install (careful with npm install --production)
  • keep your dependencies up to date

In your library

  • use peer dependencies (for big libraries shared among components, e.g. react, plugin, ...)
  • use version ranges (^1.2.3 := >=1.2.3 & <2.0.0 )
  • while developing install peer dependency by hand or add it to devDependencies
  • use semantic versioning!

Semantic versioning