What is npm?

At a high level, npm can be thought of as two components:

The client (npm executable): a program on your computer that exposes a CLI to manipulate your package; and
The registry service (https://registry.npmjs.org by default): a server that stores package data and exposes it via a REST API.

The client is effectively a wrapper around the service, making requests to the registry via the REST API:

Depending on the command and the responses, the tool may then update:

node_modules/: the directory that contains the code and metadata of your dependencies;
package.json: the "package file" defining your own package and its metadata; and
package-lock.json: the "lock file" describing the current dependency tree in more detail.

Logging requests

If you want to know which REST API requests correspond to a given task, add --loglevel=http to your commands:

$ npm --loglevel=http info @textbook/build-info
npm http fetch GET 200 https://registry.npmjs.org/@textbook%2fbuild-info 771ms (cache revalidated)

@textbook/[email protected] | ISC | deps: none | versions: 16
# ...

Setting the registry

The default registry used by npm is https://registry.npmjs.org, but that can be configured. To change the repository for all packages, run:

$ npm config set registry={my-registry}

Alternatively you can configure repositories on a scope-by-scope basis, so that @myorg/{package} would be installed from a private repository but anything else comes from the default repository; the easiest way to do that is to log in to the

$ npm login --registry={registry} --scope={scope}

Logging requests​

Setting the registry​

Logging requests

Setting the registry