46

I'm adding dependencies to a package.json that will be used as part of a provisioning process for a virtual machine. As such, I don't actually need to install the modules locally since the provisioner will do that for me inside the VM. So is there any way to do the following:

npm install --save <module>

So that it only creates a dependency for the latest version of the module in package.json without actually downloading the module or creating a node_modules folder?

The --dry-run option is close, as it doesn't create a node_modules folder but it also doesn't write to package.json either.

For now, I'm manually doing the following each time I need to update packages before re-provisioning the VM:

rm -rf node_modules

Other reasons for this might include being able to easily build a package.json file in low-bandwidth situations such as tethering, where you know you'll need the module eventually but don't want to spare the bandwidth.

Soviut
  • 88,194
  • 49
  • 192
  • 260
  • 1
    Did you ever find a solution to this? – Geige V Apr 07 '18 at 03:56
  • @GeigeV So far I've continued to use the "install and remove node_modules" approach. The low bandwidth solution seems to be very carefully checking the npm website for the current versions and manually adding them to your `package.json` file. – Soviut Apr 07 '18 at 08:07
  • Combining the commands, whilst not an npm solution, does the trick as a one-liner: `npm i && rm -r node_modules` – user1451204 Jun 21 '21 at 09:01

6 Answers6

16

Was searching for the solution. Haven't found, then made a script which adds dependencies (latest or specified versions) to the package.json file skipping the installation process.

https://www.npmjs.com/package/add-dependencies

Installation

If not using with npx (see below):

$ npm install add-dependencies [-g]

Usage

Run:

$ add-dependencies [package_file] <dependencies> [target] [--no-overwrite]

or with npx:

$ npx add-dependencies [package_file] <dependencies> [target] [--no-overwrite]

where dependencies is the list of dependencies divided by space, and target is one of the following:

  • --dev / --save-dev / -D for devDependencies
  • --peer / --save-peer / -P for peerDependencies
  • --optional / --save-optional / -O for optionalDependencies

If no target argument passed, dependencies are written to dependencies.

If no package_file argument passed, the script searches for a package.json file within the current working directory.

Use --no-overwrite flag to prevent already existing packages in package.json from being overwritten.

Example:

$ add-dependencies /home/user/project/package.json moment@2.0.0 react@16.8 redux eslint --dev

or with npx:

$ npx add-dependencies /home/user/project/package.json moment@2.0.0 react@16.8 redux eslint --dev

Hope this could help someone else.

Arfeo
  • 870
  • 7
  • 20
11

Interestingly combining --package-lock-only with --no-package-lock seems to do this

npm install --package-lock-only --no-package-lock PACKAGE

This does not create or update the package-lock.json file. Only adds an entry to the package.json

UPDATE

This was actually a bug and is now fixed in npm 6.9.0

https://github.com/npm/cli/pull/146

https://npm.community/t/release-npm-6-9-0/5911

esamatti
  • 18,293
  • 11
  • 75
  • 82
8

There is no way to do that with npm that I'm aware of.

There are two npm packages for doing this; I've never used either of them, but they might be worth a try:

Hope this helps!

RyanZim
  • 6,609
  • 1
  • 27
  • 43
  • 2
    Note that both packages `npm-add` and `adddep` depend on the `npm` package which is enormous. – brillout Jun 07 '18 at 13:50
  • 2
    @AlexanderMills npm v6.9.0 is ~30MB on my machine – TehShrike May 22 '19 at 16:41
  • It's not really about the size for me. I use Docker to run NPM and NodeJS, but edit files on the host system. I don't want to install anything through NPM on my host system. – thejhh May 21 '21 at 15:08
  • Unfortunately neither of these packages work with the latest version of npm. `npm-add` is locked to npm v1.2.18 and `adddep` (which was forked from npm-add) [doesn't work with npm v8.0.0 and above](https://github.com/19h/npm-adddep/issues/2). – Besworks Apr 23 '22 at 20:26
  • Answer is outdated https://stackoverflow.com/a/73518727/2950649 should be accepted correct answer. – frank-dspeed Feb 05 '23 at 04:00
4

As of Npm > 8 the correct answer is

npm pkg set devDependencies.rollup="*" devDependencies.typescript="4.5"

Explaination npm pkg set can change your current package.json

see: https://docs.npmjs.com/cli/v7/commands/npm-pkg

frank-dspeed
  • 942
  • 11
  • 29
0

I made a very simple way to do this.

Add this to the scripts section of your package.json:

  "scripts": {
    "no-dl": "npm install --package-lock-only --no-package-lock"
  }

Then use it like this:

npm run no-dl <package-name>

I've called it no-dl — pick your own name as needed.

jv-k
  • 618
  • 5
  • 20
-2

npm install --save packagename then npm uninstall packagename (without --save flag) accomplishes this, though an empty node_modules folder is created

seedsseedsseeds
  • 57
  • 1
  • 3
  • This doesn't work in Node 5+ because the `--save` flag is implicit. – Soviut Nov 02 '17 at 16:59
  • 1
    `--save` is only implicit for install, not for uninstall. Using --no-save is also an option. This isn't a solution for your low-bandwidth scenario either way, as it unnecessarily downloads the package contents – seedsseedsseeds Nov 14 '17 at 21:22