Repository files navigation

caution do not usepackage.json for the folder name if you want to clone this project to your machine - it will breakyarn (An unexpected error occurred: "EISDIR: illegal operation on a directory, read".).

Original version of this document copied fromyarnpkg.

See alsonpm documentation,std-pkg,clean-publish,package-json-validator,cosmiconfig,rc (as an opponent approach to cosmiconfig).

• Essentials
  • name
  • version
• Info
  • description
  • keywords
  • license
• Links
  • homepage
  • bugs
  • repository
• Maintainers
  • author
  • contributors
• Files
  • files
  • main
  • bin
  • man
  • directories
• Tasks
  • scripts
  • npm specificscripts
  • config
• Dependencies
  • dependencies
  • devDependencies
  • peerDependencies
  • optionalDependencies
  • bundledDependencies
• System
  • engines
  • os
  • cpu
  • libc
• Publishing
  • private
  • publishConfig
• Yarn
  • flat
  • resolutions
• Lerna + Yarn
  • workspaces
• Bolt
  • bolt
• unpkg
  • unpkg
• TypeScript
  • types
• Flow
  • flow:main
• browserslist
  • browserslist
• Package bundlers
  • module
  • browser
  • esnext
  • es2015
  • esm
  • module-browser
  • modules.root
  • jsnext:main
• metro
  • react-native
• webpack
  • sideEffects
• microbundle
  • source,umd:main
• Parcel
  • source
• @std/esm
  • @std/esm
• jspm
  • jspm
  • ignore
  • format
  • registry
  • shim
  • map
• browserify
  • browserify.transform
• Create React App
  • proxy
  • homepage
• babel
  • babel
• eslint
  • eslintConfig
• jest
  • jest
• stylelint
  • stylelint
• size-limit
  • size-limit
• PWMetrics
  • pwmetrics
• AVA
  • ava
• nyc
  • nyc
• Other
  • preferGlobal
  • style
  • less
• CommonJS Packages
  • Reserved Properties
• Standard JS
  • standard

The two most important fields in yourpackage.json arename andversion,without them your package won't be able to install. Thename andversionfields are used together to create a unique id.

{"name":"my-awesome-package"}

This is the name of your package. It gets used in URLs, as an argument on thecommand line, and as the directory name insidenode_modules.

yarn add [name]

node_modules/[name]

https://registry.npmjs.org/[name]/-/[name]-[version].tgz

Rules

• Must be less than or equal to 214 characters (including the@scope/ forscoped packages).
• Must not start with a dot (.) or an underscore (_).
• Must not have an uppercase letter in the name.
• Must use only URL-safe characters.

Tips

• Don't use the same name as a core Node.js module
• Don't putjs ornode in the name.
• Keep names short and descriptive. You want people to understand what it isfrom the name, but it will also be used inrequire() calls.
• Make sure that there isn't something in theregistry with the same name.

{"version":"1.0.0"}

The current version of your package.

{"description":"My short description of my awesome package"}

The description is just a string that helps people understand the purpose of the package. It can be used when searching for packages in a package manager as well.

{"keywords": ["short","relevant","keywords","for","searching"]}

Keywords are an array of strings that are useful when searching for packages in a package manager.

{"license":"MIT","license":"(MIT or GPL-3.0)","license":"SEE LICENSE IN LICENSE_FILENAME.txt","license":"UNLICENSED"}

All packages should specify a license so that users know how they are permittedto use it and any restrictions that you are placing on it.

You are encouraged to use an Open Source(OSI-approved) license unlessyou have a specific reason not to. If you built your package as part of yourjob it's likely best to check with your company before deciding on a license.

Must be one of the following:

• A validSPDX license identifier if you areusing a standard license.
• A validSPDX license expression syntax 2.0 expressionif you are using multiple standard licenses.
• ASEE LICENSE IN <filename> string that points to a<filename> in the toplevel of your package if you are using a non-standard license.
• AUNLICENSED string if you do not want to grant others the right to use aprivate or unpublished package under any terms.

Various links to documentation, places to file issues and where your package code actually lives.

{"homepage":"https://your-package.org"}

The homepage is the URL to the landing page or documentation for your package.

Also used byCreate React App

{"bugs":"https://github.com/user/repo/issues"}

The URL to your project's issue tracker. This can also be something like an email address as well. It provides users a way to find out where to send issues with your package.

{"repository": {"type":"git","url":"https://github.com/user/repo.git" },"repository":"github:user/repo","repository":"gitlab:user/repo","repository":"bitbucket:user/repo","repository":"gist:a1b2c3d4e5f"}

The repository is the location where the actual code for your package lives.

The maintainers of your project.

{"author": {"name":"Your Name","email":"you@example.com","url":"http://your-website.com" },"author":"Your Name <you@example.com> (http://your-website.com)"}

Package author information. An author is one person.

{"contributors": [    {"name":"Your Friend","email":"friend@example.com","url":"http://friends-website.com" }    {"name":"Other Friend","email":"other@example.com","url":"http://other-website.com" }  ],"contributors": ["Your Friend <friend@example.com> (http://friends-website.com)","Other Friend <other@example.com> (http://other-website.com)"  ]}

Those that have contributed to your package. Contributors are an array of people.

You can specify files that will be included in your project, along with the main entry point for your project.

{"files": ["filename.js","directory/","glob/*.{js,json}"  ]}

These are files that are included in your project. You can specify single files, whole directories or use wildcards to include files that meet a certain criteria.

{"main":"filename.js"}

This is the primary entry point for the functionality for your project.

{"bin":"bin.js","bin": {"command-name":"bin/command-name.js","other-command":"bin/other-command"  }}

Executable files included with your project that will be installed.

{"man":"./man/doc.1","man": ["./man/doc.1","./man/doc.2"]}

If you have man pages associated with your project, add them here.

{"directories": {"lib":"path/to/lib/","bin":"path/to/bin/","man":"path/to/man/","doc":"path/to/doc/","example":"path/to/example/"  }}

When installing your package, you can specify exact locations to put binary files, man pages, documentation, examples, etc.

Your package can include runnable scripts or other configuration.

{"scripts": {"build-project":"node build-project.js"  }}

Scripts are a great way of automating tasks related to your package, such as simple build processes or development tools. Using the"scripts" field, you can define various scripts to be run asyarn run <script>. For example, thebuild-project script above can be invoked withyarn run build-project and will runnode build-project.js.

Certain script names are special. If defined, thepreinstall script is called by yarn before your package is installed. For compatibility reasons, scripts calledinstall,postinstall, andprepublish will all be called after your package has finished installing.

Thestart script value defaults tonode server.js.

"scripts": {"start": "node server.js"}. If there is a server.js file in the root of your package, then npm will default the start command to node server.js.

"scripts":{"preinstall": "node-gyp rebuild"}. If there is a binding.gyp file in the root of your package, npm will default the preinstall command to compile using node-gyp.

--npm docs

npm supports thescripts property of thepackage.json file, for the following scripts:

• prepublish: Run BEFORE the package is packed and published, as well as on local npm install without any arguments. (See below)
• prepare: Run both BEFORE the package is packed and published, and on local npm install without any arguments (See below). This is run AFTER prepublish, but BEFORE prepublishOnly.
• prepublishOnly: Run BEFORE the package is prepared and packed, ONLY on npm publish. (See below.)
• prepack: run BEFORE a tarball is packed (on npm pack, npm publish, and when installing git dependencies)
• postpack: Run AFTER the tarball has been generated and moved to its final destination.
• publish,postpublish: Run AFTER the package is published.
• preinstall: Run BEFORE the package is installed
• install,postinstall: Run AFTER the package is installed.
• preuninstall,uninstall: Run BEFORE the package is uninstalled.
• postuninstall: Run AFTER the package is uninstalled.
• preversion: Run BEFORE bumping the package version.
• version: Run AFTER bumping the package version, but BEFORE commit.
• postversion: Run AFTER bumping the package version, and AFTER commit.
• pretest,test,posttest: Run by the npm test command.
• prestop,stop,poststop: Run by the npm stop command.
• prestart,start,poststart: Run by the npm start command.
• prerestart,restart,postrestart: Run by the npm restart command. Note: npm restart will run the stop and start scripts if no restart script is provided.
• preshrinkwrap,shrinkwrap,postshrinkwrap: Run by the npm shrinkwrap command.

Source:npm docs.

{"config": {"port":"8080"  }}

Configuration options or parameters used in your scripts.

Your package will very likely depend on other packages. You can specify those dependencies in yourpackage.json file.

{"dependencies": {"package-1":"^3.1.4"  }}

These are dependencies that are required in both development and production for your package.

You can specify an exact version, a minimum version (e.g.,>=) or a range of versions (e.g.>= ... <).

{"devDependencies": {"package-2":"^0.4.2"  }}

These are packages that are only required when developing your package but will not be installed in production.

{"peerDependencies": {"package-3":"^2.7.18"  }}

Peer dependencies allow you to state compatibility of your package with versions of other packages.

{"optionalDependencies": {"package-5":"^1.6.1"  }}

Optional dependencies can be used with your package, but are not required. If the optional package is not found, installation still continues.

{"bundledDependencies": ["package-4"  ]}

Bundled dependencies are an array of package names that will be bundled together when publishing your package.

You can provide system-level information associated with your package, such as operating system compatibility, etc.

{"engines": {"node":">=4.4.7 <7.0.0","zlib":"^1.2.8","yarn":"^0.14.0"  }}

The engines specify versions of clients that must be used with your package. This checks againstprocess.versions as well as the current version of yarn.

{"os": ["darwin","linux"],"os": ["!win32"]}

This specifies operating system compatibility for your package. It checks againstprocess.platform.

{"cpu": ["x64","ia32"],"cpu": ["!arm","!mips"]}

Use this to specify your package will only run on certain CPU architectures. This checks againstprocess.arch.

{"libc": ["glibc"],"libc": ["musl"]}

Use this to specify your package only runs on a specific flavor of libc. This checks against the result fromdetect-libc.

• pnpm support
• yarn support
• npm support TBD

{"private":true}

If you do not want your package published in a package manager, set this totrue.

{"publishConfig": {...  }}

These configuration values will be used when publishing your package. You can tag your package, for example.

{"flat":true}

If your package only allows one version of a given dependency, and you'd like to enforce the same behavior asyarn install --flat on the command line, set this totrue.

Note that if yourpackage.json contains"flat": true and other packages depend on yours (e.g. you are building a library rather than an application), those other packages will also need"flat": true in theirpackage.json or be installed withyarn install --flat on the command line.

{"resolutions": {"transitive-package-1":"0.0.29","transitive-package-2":"file:./local-forks/transitive-package-2","dependencies-package-1/transitive-package-3":"^2.1.1"  }}

Allows you to override a version of a particular nested dependency. Seethe Selective Versions Resolutions RFC for the full spec.

Note that installing dependencies via [yarn install --flat] will automatically add aresolutions block to yourpackage.json file.

If--use-workspaces is true thenpackages will be overridden by the value frompackage.json/workspaces.

Source:--use-workspaces.

SeeConfiguration

{"bolt": {"workspaces": ["utils/*","apps/*"    ]  }}

If you omit the file path (i.e. use a "bare" URL), unpkg will serve the file specified by theunpkg field inpackage.json, or fall back tomain (source).

If your package has a main.js file, you will need to indicate the main declaration file in yourpackage.json file as well. Set thetypes property to point to your bundled declaration file. For example:

{"main":"./lib/main.js","types":"./lib/main.d.ts"}

Note that thetypings field is synonymous withtypes, and could be used as well.

Also note that if your main declaration file is namedindex.d.ts and lives at the root of the package (next toindex.js) you do not need to mark thetypes property, though it is advisable to do so.

Source:TypeScript documentation

Note: in Flow they usedifferent approach

Not officially supported. Proposal ishere.

💖 Library to share target browsers between different front-end tools.It is used in:

• Autoprefixer
• babel-preset-env(external config inpackage.json orbrowserslist files supported in 2.0)
• postcss-preset-env
• eslint-plugin-compat
• stylelint-no-unsupported-browser-features
• postcss-normalize

All tools that rely on Browserslist will find its config automatically,when you add the following topackage.json:

{"browserslist": ["> 1%","last 2 versions"  ]}

Source:browserslist.

See also:Create React App Support.

See "Setting up multi-platform npm packages" for an introduction.

pkg.module will point to a module that has ES2015 module syntax but otherwise only syntax features that the target environments support. Full description ishere.

Supported by:rollup,webpack

Thebrowser field is provided by a module author as a hint to javascript bundlers or component tools when packaging modules for client side use. Proposal ishere.

Supported by:rollup,webpack,browserify

Support requested:babel-plugin-module-resolver

Full proposal ishere. Short explanation:

• esnext: source code using stage 4 features (or older), not transpiled, in ES modules.
• main: points to a CommonJS module (or UMD module) with JavaScript as modern as Node.js can currently handle.
• Mostmodule use cases should be handleable viaesnext.
• browser can be handled via an extended version ofesnext

{"main":"main.js","esnext": {"main":"main-esnext.js","browser":"browser-specific-main-esnext.js"  }}

See also:Delivering untranspiled source code via npm

Untranspiled ES6 code. Source:Angular Package Format (APF) v5.0

Proposal is here:adjusted proposal: ES module "esm": true package.json flag

See also:

• Module specifiers: what’s new with ES modules?
• mjs extension trade-offs revision
• reify

See thisissue

Also referred asmoduleBrowser,jsnext:browser.

Mentioned inIn Defense of .js.

There is alsomodules.resolver.

DEPRECATED

jsnext:main has been superseded bypkg.module, which indicates the location of a file with import/export declarations. Original proposal ishere.

Supported by:rollup.

Works similar tobrowser, but for react-native specific modules.Source.

Indicates that the package's modules have no side effects (on evaluation) and only expose exports. This allows tools like webpack to optimize re-exports.

See also:sideEffects example,proposal for marking functions as pure,eslint-plugin-tree-shaking.

SeeSpecifying builds in package.json.

Seeparcel-bundler/parcel#1652.

Developers have strong opinions on just about everything. To accommodate,@std/esm allows unlocking extra features with the"@std/esm" or"@std":{"esm":{}} field in yourpackage.json.

Source:@std/esm Unlockables

You can write all package properties at the base of the package.json, or if you don't want to change existing properties that you'd like to use specifically fornpm, you can write your jspm-specific configuration inside thejspm property of package.json, and jspm will use these options over the root level configuration options.

For example:

{"name":"my-package","jspm": {"main":"jspm-main"  }}

Seefull specification.

If there are certain specific files or folders to ignore, they can be listed in an array.

Options areesm,amd,cjs andglobal.

When loading modules fromnpm, the module format is treated ascjs by default and no automatic detection is run. To load modules of another format you will need to override this property manually.

Module formatesm (ECMAScript Module) currently isn't used in package.json.

jspm understands dependencies in the context of a registry.

When loading packages from npm, jspm will set the default registry tonpm, and treat the dependencies accordingly.

When loading packages from GitHub, the dependencies property is ignored without a registry property being present, as jspm has no way of knowing what the dependencies mean for existing GitHub repos.

Setting the registry property also determines how jspm interprets the package. For example, a GitHub package withregistry: "npm" will, along with getting its dependencies from npm, be interpreted as CommonJS and support features like directory and JSON requires, exactly as if it had been installed from the npm endpoint to begin with.

A package on GitHub with its registry property set toregistry: "jspm" will have its dependencies treated as jspm-style dependencies.

Packages written as globals need a shim configuration to work properly in a modular environment. To shim a filesome/global.js within the package, we can write:

{"shim": {"some/global": {"deps": ["jquery"],"exports":"globalExportName"    }  }}

Bothdeps andexports are optional.

exports isdetected automatically by the SystemJS loader as any globals written by the script. In most cases this detection will work out correctly.

The shortcut form of"some/global": ["jquery"] is also supported if there are noexports.

Map configuration will rewrite internal requires to point to different local or external modules.

Consider a package which includes its own dependency,dep located atthird_party/dep. It could have a require statement internally something like:

require('dep');

In order to use the local version, we can write:

{"map": {"dep":"./third_party/dep"  }}

It can also be useful to reference a package by its own name within submodules:

{"map": {"thispackage":"."  }}

We can then have internal requires toimport 'thispackage/module' resolve correctly.

Map configuration can also reference dependency submodules.

We can also exclude modules entirely by mapping them to the empty module:

{"map": {"jquery":"@empty"  }}

The value returned will then be a Module object with no exports.

Documentation ishere

People often serve the front-end React app from the same host and port as their backend implementation.

Source:Proxying API Requests in Development

Source:Building for Relative Paths

See thisissue.

{"jest": {"verbose":true  }}

Source:jest docs

See:New configuration loader

If you're using this library you can define its config inpackage.json:

{"size-limit": [    {"limit":"9 KB","path":"index.js"    }  ]}

Source:size-limit

You cen specify options inpackage.json:

{"pwmetrics": {"url":"http://example.com/","expectations": {"ttfcp": {"warn":">=1500","error":">=2000"      }    }  }}

All available options arehere

Source:pwmetrics

Example:

"ava": {"require": ["@std/esm" ]}

Source:ava

Example:

"nyc": {"extension": [".js",".mjs"],"require": ["@std/esm"]}

Source:nyc

DEPRECATED

This option used to trigger an npm warning, but it will no longer warn. It is purely there for informational purposes. It is now recommended that you install any binaries as local devDependencies wherever possible.

Thestyle attribute inpackage.json is useful for importing CSS packages. Proposal ishere.

Supported by:parcelify,npm-less,rework-npm,npm-css.

See also:istf-spec.

Same asstyle but for less.

Supported by:npm-less.

The following fields are reserved for future expansion:build,default,email,external,files,imports,maintainer,paths,platform,require,summary,test,using,downloads,uid.

The following fields are reserved for package registries to use at their discretion:id,type.

All properties beginning with_ or$ are also reserved for package registries to use that their discretion.

Source:CommonJS wiki

Standard JS is a javaScript style guide, linter, and formatter, you can add some property to package.json, likeparser,ignore,globals,plugins.

Example:

"standard": {"parser":"babel-eslint","ignore": ["**/out/","/lib/select2/","/lib/ckeditor/","tmp.js"  ]}

See also:Standard JS