Difference between NPM and NPX in JavaScript
David Y.
—The Problem
What’s the difference between npm and npx in JavaScript?
The Solution
The command npm is used to download JavaScript packages from Node Package Manager, and npx is used to execute JavaScript packages downloaded this way.
This command will download the NPM package create-react-app to a subdirectory of the current working directory named node_modules:
npm install create-react-app
This command will execute the NPM package create-react-app with the name argument myreactapp, creating a bare-bones React app in the subdirectory myreactapp:
npx create-react-app myreactapp
To understand why both of these commands are needed, we need to consider npm’s approach to dependency management.
Most non-trivial projects require third-party libraries, commonly called packages, to extend their capabilities and speed up development. These packages must be locally installed and correctly versioned. Problems can arise when multiple versions of a single package are used on the same system. For example, you may have a user-facing web application and an API running on the same server which were developed at different times by different developers and are dependent on different versions of the same package.
A variety of solutions have been attempted to solve this problem, including version-numbered installation directories, virtual environments, and containerization (most famously Docker). The npm solution to the problem is to install all packages required by a given project in that project’s directory, in a subdirectory called node_modules. NPM can install packages globally, but this is not its default behavior. Installing packages per project prevents version conflicts from arising without the need for the added complexity of environments or containers, at the cost of disk space.
However, this approach means that packages are not installed in a way that adds them to the user’s PATH and thus they cannot easily be directly invoked. This is fine for packages that are only used in project code, but presents a problem for packages containing executable commands. Without an additional tool for invoking these executables, developers would need to dig through their project’s node_modules directory to find the right file.
Enter npx. Running npx with the name of a package will search node_modules for that package and run it. Packages that are not found will first be downloaded and then run. Let’s compare the process for creating a React app without npx and with npx.
Without npx:
npm install create-react-app node ./node_modules/create-react-app/index.js myreactapp
With npx:
npx create-react-app myreactapp
- SentryWorkshop: Debugging your Node.js Project With Sentry
- Syntax.fmListen to the Syntax Podcast
- Community SeriesIdentify, Trace, and Fix Endpoint Regression Issues
- ResourcesBackend Error Monitoring 101
- Listen to the Syntax Podcast
![Syntax.fm logo]()
Tasty treats for web developers brought to you by Sentry. Get tips and tricks from Wes Bos and Scott Tolinski.
SEE EPISODES
Considered “not bad” by 4 million developers and more than 100,000 organizations worldwide, Sentry provides code-level observability to many of the world’s best-known companies like Disney, Peloton, Cloudflare, Eventbrite, Slack, Supercell, and Rockstar Games. Each month we process billions of exceptions from the most popular products on the internet.
A peek at your privacy
Here’s a quick look at how Sentry handles your personal information (PII).
×Who we collect PII from
We collect PII about people browsing our website, users of the Sentry service, prospective customers, and people who otherwise interact with us.
What if my PII is included in data sent to Sentry by a Sentry customer (e.g., someone using Sentry to monitor their app)? In this case you have to contact the Sentry customer (e.g., the maker of the app). We do not control the data that is sent to us through the Sentry service for the purposes of application monitoring.
Am I included?PII we may collect about you
- PII provided by you and related to your
- Account, profile, and login
- Requests and inquiries
- Purchases
- PII collected from your device and usage
- PII collected from third parties (e.g., social media)
How we use your PII
- To operate our site and service
- To protect and improve our site and service
- To provide customer care and support
- To communicate with you
- For other purposes (that we inform you of at collection)
Third parties who receive your PII
We may disclose your PII to the following type of recipients:
- Subsidiaries and other affiliates
- Service providers
- Partners (go-to-market, analytics)
- Third-party platforms (when you connect them to our service)
- Governmental authorities (where necessary)
- An actual or potential buyer
We use cookies (but not for advertising)
- We do not use advertising or targeting cookies
- We use necessary cookies to run and improve our site and service
- You can disable cookies but this can impact your use or access to certain parts of our site and service
Know your rights
You may have the following rights related to your PII:
- Access, correct, and update
- Object to or restrict processing
- Port over
- Opt-out of marketing
- Be forgotten by Sentry
- Withdraw your consent
- Complain about us
If you have any questions or concerns about your privacy at Sentry, please email us at compliance@sentry.io.
If you are a California resident, see our Supplemental notice.