19

I read about using the --save option here and and it says that it will add the installed package to your package.json file. But why isn't this automatic? Wouldn't you always want this?

My understanding is that the node_modules is the directory that actually holds the code of your package and package.json is the reference/list of all the packages you have installed so that when you push it up to a repo, you only push the latter up and not the former, to save space.

Then when other people clone or fork off your repo, they will have the package.json to reference and install all the necessary packages to work off of your project.

Thus, wouldn't you always want your packages to be in the package.json in order for everyone to get what is needed?

Community
  • 1
  • 1
stackjlei
  • 9,485
  • 18
  • 65
  • 113
  • 3
    Maybe you're experimenting with a new module and don't know if you're going to keep it yet. – webbm Apr 30 '17 at 00:04
  • @webbm so at that point you can just easily uninstall it right? – stackjlei Apr 30 '17 at 00:06
  • 2
    Tough to say why npm decided to do this, but the popular alternative [yarn](https://yarnpkg.com/en/)'s add command does save dependencies by default. – Alexander O'Mara Apr 30 '17 at 00:07
  • @stackjlei Yep, that'd be a simple example. Not sure about the actual decision that went into the design of the process of course. – webbm Apr 30 '17 at 00:07
  • 1
    Calls for speculation, but I will point out that you sometimes want to save to dev dependencies rather than dependencies and also you don't want to save for a global install. I realize there are ways around both, just making the observation – Paul Apr 30 '17 at 00:37
  • @Paul you can't run `save` for a global install right? what would be the point? it's just on your machine anyway at that point? Or is there still a package.json file somewhere on your machine? – stackjlei Apr 30 '17 at 01:04
  • That's my point, if Mom were to autosave without the --save flag, it makes their logic more complicated to account for --save-dev and -g options. – Paul Apr 30 '17 at 13:21
  • Possible duplicate of [What is the --save option for npm install?](http://stackoverflow.com/questions/19578796/what-is-the-save-option-for-npm-install) – Farside May 04 '17 at 09:26
  • [`npm install` now saves to package.json by default](https://docs.npmjs.com/cli/install.html). You need to use to --no-save flag if you don't want it getting added to your project's package.json – Govind Rai May 13 '19 at 04:24

2 Answers2

15

With package managers like Bower or npm, I think --save is not automatic for the following reasons:

  1. Not all dependencies are production dependencies (see --save-dev).
  2. Sometimes you need to test a package without altering your package.json.
  3. You may prefer to install locally some packages that your colleagues installed globally on their computer.

Packages installed without --save are not considered as dependencies and are kept separate. You can detect them easily as extraneous packages with npm ls and remove them instantly with npm prune.

Now if you think extraneous packages are a bad thing, you can of course use --save everytime you install a new package. For practical reasons, be aware that you can use the -S shortcut instead of --save. Moreover, if you often forget to use the option, you could define an alias in your shell.

Finally, if you use Yarn, notice that the yarn add command will add each package as a dependency. No --save flag anymore.

Community
  • 1
  • 1
Badacadabra
  • 8,043
  • 7
  • 28
  • 49
  • 1
    if I install a package without a --save option the first time to test it out and end up liking it and want to keep it in my package.json, do I have to enter its name manually or can I just re-run the npm i with the --save option? – stackjlei Apr 30 '17 at 01:07
  • 5
    You could modify your `package.json` by hand (not recommended) or re-run `npm i -S`. – Badacadabra Apr 30 '17 at 01:09
  • 3
    [`npm install` now saves to package.json by default](https://docs.npmjs.com/cli/install.html). You need to use to --no-save flag if you don't want it getting added to your project's package.json – Govind Rai May 13 '19 at 04:24
3

To quote one of the npm maintainers:

In the last couple years, quite a bit has changed here, which renders parts of this issue moot: [...] It’s [...] easy enough to run npm config set save true as an end users. That said, there are still a number of rough spots when making --save the default:

  • While the cognitive load of having to remember --save or --save-dev at install time is an irritating niggle, it does force you to choose at install time whether a package is a dependency or devDependency.
  • Moving packages between sections in package.json is still a little more difficult than it should be, which makes cleaning up after things when you forget to specify that somethi[ng] is a devDependency. [...] I don’t think it’s in the best interests, as a result, to opt everyone into saving everything by default.

(from https://github.com/npm/npm/issues/5108)

Vinz243
  • 9,654
  • 10
  • 42
  • 86
  • [`npm install` now saves to package.json by default](https://docs.npmjs.com/cli/install.html). You need to use to --no-save flag if you don't want it getting added to your project's package.json – Govind Rai May 13 '19 at 04:23