Creating a JavaScript Development Environment: Package Management

coryWelcome to Part 3 of this review of the Pluralsight course “Creating a JavaScript Development Environment” by Cory House.

Cory is a Microsoft MVP in C#, founder of, avid tech reader, and speaker.

He believes in clean code, pragmatic development, and responsive native UIs.

He has also created, and has the authored Pluralsight courses including Building Applications with React and Flux and Building Applications with React and Redux in ES6.

Also in this series:
Part 1 – You Need a Starter Kit
Part 2 – Editors and Configuration
Part 3 – Package Management
Part 4 – Development Web Server
Part 5 – Automation
Part 6 – Transpiling
Part 7 – Bundling
Part 8 – Linting
Part 9 – Testing and Continuous Integration
Part 10 – HTTP Calls
Part 11 – Project Structure
Part 12 – Production Build
Part 13 – Production Deploy

Package Management

Package Managers

Cory gives a very brief overview of Bower, npm, JSPM, Jam and volo. He recommends npm.

Not mentioned is Yarn. See for details on that.

Demo: Install Node and npm Packages

We see how to download and install Node.

You can find the package.json code here:

To download all of the packages specified in this file, type the following into the command prompt:

> npm install

That is a lot of JavaScript, and any of these packages could potentially contain one or more security vulnerabilities.

Package Security

There are two security scanning solutions available: retire.js and Node Security Platform, and we use Node Security Platform in this course.

There a number of options for when to run the security check. For maximum security it is best to run the security check on npm start, and we’ll see how to do this.

Demo: Node Security Platform

Install with the command:

> npm install -g nsp

Then run it:

> nsp check

Continue to Part 4: Development Web Server

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s