After you've set up Node.js on your machine, the first thing you'll probably want to do is create a new project and start coding. And to get more efficient at the job, there are two important things that you'll need to be fluent with:
Packages in particular are one of the key reasons the Node.js ecosystem is shining. There are packages for about everything. But managing your packages can become tricky over time, even scary. Taking care of updates without breaking your project or be aware of potential vulnerabilities that may affect your project is something you'll have to look at.
To help you get up to speed on these topics, my friend Jen Looper will be our host here, with short videos that runs for less than 5 min each.
command is the faster way to create a new Node.js project from scratch. Let's walk through the different fields you're asked to fill and what's their purpose.
Every project has its set of tasks you repeat daily, like starting your app, building it, running the tests, linting your code to catch issues. Using NPM scripts is the most common way of automating your development tasks these days, so let's have a look at how you can set it up on your app.
One of the secrets of being an efficient developer is to not reinvent the wheel all the time. Packages (also called *dependencies*) can help you focus on writing the code that has the most value for your app by providing all the tools and helpers you need to get your app rolling.
When looking at this
file, it can seem a bit strange and not really useful at first. It's also a major source of problems when working in a team if it's not taken care of properly. Let's talk a bit about why it's useful, and why you should also commit this file in your repository.
It can make your head spin a bit at first, but you're going to use a lot of packages in your app. And all these packages get updated constantly, with new features, bug fixes or security patches. Trying to keep your app up-to-date may be challenging, especially if you don't want to break your code in the process.
Vulnerabilities can be a serious threat to any application. At some point, we all freak out when seeing an NPM message saying that you have more than a hundred of vulnerabilities in your app (my current record on a legacy project is over 40k+ 😱). But don't worry - or at least not immediately - as there are strategies to fix or mitigates these issues. And sometimes, you can also safely ignore them, so let's have a look at it.
That's it for this post, that was already quite a lot to cover. Of course, every one of these videos could make up for an in-depth article of its own as there's only so much that can be covered under 5 minutes.
If you would like to deepen your knowledge around packages, you can take a look at this Interactive in-depth tutorial on Node.js dependencies.
Thanks for reading!
Also published here.
Create your free account to unlock your custom reading experience.