Why is my "npm install" pulling in unnecessary libraries that I didn't even mention?

Question

Why is my "npm install" pulling in unnecessary libraries that I didn't even mention?

I've listed my dependencies in package.json as follows:

{
  "cookie-parser": "~1.0.1",
  "body-parser": "~1.0.0",
  "express": "~3.5.0",
  "socket.io":"1.0",
  "mongodb":"2.2.21",
  "request":"2.79.0", 
  "q":"1.4.1", 
  "bcryptjs":"2.4.0", 
  "jsonwebtoken":"7.2.1",
  "lodash":"4.17.4",
  "express-jwt": "5.1.0"
}

After running an NPM install, I encountered this unexpected output: https://i.sstatic.net/tVUVz.jpg

I'm puzzled by why I am receiving more dependencies than what I specified. The strange part is that on one PC I only get the requested dependencies, but on my laptop, all these additional ones are installed. It's quite confusing for me. I have the complete output available, but it appears messy if shared here.

javascript json npm mean

Answer 1

Answer №1

Installing the selected packages comes with dependencies attached - therefore, be aware that by installing them you are also bringing along their dependencies.

Answer 2

Installing the selected packages comes with dependencies attached - therefore, be aware that by installing them you are also bringing along their dependencies.

Answer 3

Answer №2

To assist you, I have gone ahead and simulated a mock package.json with all of your required dependencies and proceeded to run an npm install.

It is worth noting that while the packages displayed were indeed those listed originally, executing an npm ls command will reveal the complete list of dependencies installed by each of those modules, as pointed out by Rivera in a response to your query.

If you wish to explore the entire dependency structure further, you can utilize the npm ls command. Detailed information is available at: https://docs.npmjs.com/cli/ls

Answer 4

To assist you, I have gone ahead and simulated a mock package.json with all of your required dependencies and proceeded to run an npm install.

It is worth noting that while the packages displayed were indeed those listed originally, executing an npm ls command will reveal the complete list of dependencies installed by each of those modules, as pointed out by Rivera in a response to your query.

If you wish to explore the entire dependency structure further, you can utilize the npm ls command. Detailed information is available at: https://docs.npmjs.com/cli/ls

Answer 5

Answer №3

To avoid any confusion regarding packages (which I've experienced myself), the best solution is to remove the node_modules folder and then run npm i again. Make sure that the list of dependencies in your package.json file (including dev-dependencies and regular ones) matches the output of the command: npm ls --depth="0".

It's important that on both your PC and laptop, the result of running npm ls --depth="0" matches the combined list of all dependencies listed in your package.json. If they don't match, it could imply that npm has taken matters into its own hands 😁.

Some readers on SO may have down-voted your question assuming you didn't grasp the concept of dependencies having their own dependencies, hence the creation of additional folders.

I sincerely hope this isn't the case and that you won't be deterred by any negativity encountered on SO.

Another potential explanation for your situation could be if you forgot to include --save when installing dependencies. This would result in the dependencies being saved in the node_modules folder without being added to your package.json, potentially leading to unnecessary installations.

By deleting the node_modules folder and reinstalling, only the dependencies specified in the package.json will be installed, ensuring a clean slate. This is why removing the node_modules folder first is recommended. Automated npm publishing tools like my favorite np often perform a similar wipe and reinstall process before publishing to avoid any lingering issues in the node_modules directory.

For more information on the importance of using --save, I recommend checking out this insightful answer.

In response to previous suggestions, Jonathan mentioned using npm ls, but I personally find it cumbersome for anything beyond simple libraries—too much scrolling. It's better to stick with npm ls --depth="0" to focus solely on the top level of your dependencies.

Answer 6