Is there a way to simply uninstall all unused (undeclared) dependencies from a Node.js project (ones that are no longer defined in my package.json
.) When I update my application I like to have the unreferenced packages removed automatically.
node_modules
when they're removed from the respective package.json
?
Note: Recent npm
versions do this automatically when running npm install
if package-locks are enabled, so this is not necessary except for removing development packages with the --production
flag.
Run npm prune
to remove modules not listed in package.json
.
From npm help prune
:
This command removes "extraneous" packages. If a package name is provided, then only packages matching one of the supplied names are removed. Extraneous packages are packages that are not listed on the parent package's dependencies list. If the --production flag is specified, this command will remove the packages specified in your devDependencies.
If you're not worried about a couple minutes time to do so, a solution would be to rm -rf node_modules
and npm install
again to rebuild the local modules.
node_modules
also verifies the package.json
file describes a reproducible dependency graph. Removing and re-installing your node_modules
is basically a deploy test.
npm prune
didn't help one iota, but this did. My problem was a broken symlink.
rm -rf node_modules && npm install
punch it in walk away come back. Life is good.
You can use npm-prune to remove extraneous packages.
npm prune [[<@scope>/]<pkg>...] [--production] [--dry-run] [--json]
This command removes "extraneous" packages. If a package name is provided, then only packages matching one of the supplied names are removed.
Extraneous packages are packages that are not listed on the parent package's dependencies list.
If the --production flag is specified or the NODE_ENV environment variable is set to production, this command will remove the packages specified in your devDependencies. Setting --no-production will negate NODE_ENV being set to production.
If the --dry-run flag is used then no changes will actually be made.
If the --json flag is used then the changes npm prune made (or would have made with --dry-run) are printed as a JSON object.
In normal operation with package-locks enabled, extraneous modules are pruned automatically when modules are installed and you'll only need this command with the --production flag.
If you've disabled package-locks then extraneous modules will not be removed and it's up to you to run npm prune from time-to-time to remove them.
Use npm-dedupe to reduce duplication
npm dedupe
npm ddp
Searches the local package tree and attempts to simplify the overall structure by moving dependencies further up the tree, where they can be more effectively shared by multiple dependent packages.
For example, consider this dependency graph:
a
+-- b <-- depends on c@1.0.x
| `-- c@1.0.3
`-- d <-- depends on c@~1.0.9
`-- c@1.0.10
In this case, npm-dedupe will transform the tree to:
a
+-- b
+-- d
`-- c@1.0.10
Because of the hierarchical nature of node's module lookup, b and d will both get their dependency met by the single c package at the root level of the tree.
The deduplication algorithm walks the tree, moving each dependency as far up in the tree as possible, even if duplicates are not found. This will result in both a flat and deduplicated tree.
--production
flag. But my package.json file never udpated.
Success story sharing
package.json
. Is that right? So, the next update or install would have to reinstall them.package.json
, but leave bower. When I runnpm prune
, I expect all of karma, including its ownnode_modules
folder containing its dependencies, to be removed. What about bower's dependencies (bower-json, bower-logger, chmodr, fstream, glob, et al.). Technically, those aren't listed in my project'spackage.json
. Are those removed or not?node_modules
, but insidenode_modules/bower/node_modules
, "protected" bynode_modules/bower/package.json
. Dependencies of your package and that of your package's dependencies are not mixed.depcheck
package installed globally to check what packages are not being used. Then I go to the package-json and remove the unused packages. After those two steps, I runnpm prune
and everything ends right.