npm3 Duplication and Deduplication

Let's continue with our example before. Currently we have an application that depends on 2 modules:

Module-A, depends on Module B v1.0
Module-C, depends on Module B v2.0

our app so far

Now we ask ourselves, what happens if we install another module that depends on Module B v1.0? or Module B v2.0?

Example

Ok, so let's say we want to depend on another package, module D. Module D depends on Module B v2.0, just like Module C.

new module dep, D

Because B v1.0 is already a top-level dependency, we cannot install B v2.0 as a top level dependency. Therefore Module B v2.0 is installed as a nested dependency of Module D, even though we already have a copy installed, nested beneath Module C.

no dedupe

If a secondary dependency is required by 2+ modules, but was not installed as a top-level dependency in the directory hierarchy, it will be duplicated and nested beneath the primary dependency.

However, if a secondary dependency is required by 2+ modules, but is installed as a top-level dependency in the directory hierarchy, it will not be duplicated, and will be shared by the primary dependencies that require it.

For example, let's say we now want to depend on Module E. Module E, like Module A, depends on Module B v1.0.

new module dep, E

Because B v1.0 is already a top-level dependency, we do not need to duplicate and nest it. We simply install Module E and it shares Module B v1.0 with Module A.

dedupe

This appears like this in the terminal:

tree2

Now-- what happens if we update Module A to v2.0, which depends on Module B v2.0, not Module B v1.0?

bump Module A to version 2, deps on Bv2

The key is to remember that install order matters.

Even though Module A was installed first (as v1.0) via our package.json (because it is ordered alphabetically), using the interactive npm install command means that Module A v2.0 is the last package installed.

As a result, npm3 does the following things when we run npm install mod-a@2 --save:

it removes Module A v1.0
it installs Modules A v2.0
it leaves Module Bv1.0 because Module E v1.0 still depends on it
it installs Module Bv2.0 as a nested dependency under Module A v2.0, since Module B v1.0 is already occupying the top level in the directory hierarchy

bv1.0 stays even though a doesn't dep on it anymore

This looks like this in the terminal:

tree3

Finally, let's also update Module E to v2.0, which also depends on Module B v2.0 instead of Module B v1.0, just like the Module A update.

bump Module E to version 2, deps on Bv2

npm3 performs the following things:

it removes Module E v1.0
it installs Module E v2.0
it removes Module B v1.0 because nothing depends on it anymore
it installs Module B v2.0 in the top level of the directory because there is no other version of Module B there

now we have Bv2.0 everywhere

This looks like this in the terminal:

tree4

Now, this is clearly not ideal. We have Module B v2.0 in nearly every directory. To get rid of duplication, we can run:

npm dedupe

This command resolves all of the packages dependencies on Module B v2.0 by redirecting them to the top level copy of Module B v2.0 and removes all the nested copies.

deduped

This looks like this in the terminal:

tree5

Last modified December 30, 2015 Found a typo? Send a pull request!

Getting Started

How npm works

Organizations

Using npm

coding-style npm's "funny" coding style

config More than you probably want to know about npm configuration

developers Developer Guide

disputes Handling Module Name Disputes

orgs Working with Teams & Orgs

registry The JavaScript Package Registry

removing-npm Cleaning the Slate

scope Scoped packages

scripts How npm handles the "scripts" field

semver The semantic versioner for npm

npm On-Site

CLI Commands

access Set access level on published packages

adduser Add a registry user account

bin Display npm bin folder

bugs Bugs for a package in a web browser maybe

build Build a package

bundle REMOVED

cache Manipulates packages cache

completion Tab Completion for npm

config Manage the npm configuration files

dedupe Reduce duplication

deprecate Deprecate a version of a package

dist-tag Modify package distribution tags

docs Docs for a package in a web browser maybe

edit Edit an installed package

explore Browse an installed package

help Get help on npm

help-search Search npm help documentation

init Interactively create a package.json file

install Install a package

install-test

link Symlink a package folder

logout Log out of the registry

ls List installed packages

npm javascript package manager

outdated Check for outdated packages

owner Manage package owners

pack Create a tarball from a package

ping Ping npm registry

prefix Display prefix

prune Remove extraneous packages

publish Publish a package

rebuild Rebuild a package

repo Open package repository page in the browser

restart Restart a package

root Display npm root

run-script Run arbitrary package scripts

search Search for packages

shrinkwrap Lock down dependency versions

star Mark your favorite packages

stars View packages marked as favorites

start Start a package

stop Stop a package

tag Tag a published version

team Manage organization teams and team memberships

test Test a package

uninstall Remove a package

unpublish Remove a package from the registry

update Update a package

version Bump a package version

view View registry info

whoami Display npm username

Configuring npm

folders Folder Structures Used by npm

npmrc The npm config files

package.json Specifics of npm's package.json handling

npm policy documents

npm3 Duplication and Deduplication

Example

Getting Started

How npm works

Private Modules

Organizations

Using npm

npm On-Site

CLI Commands

Configuring npm

npm policy documents

View All On One Page