A workflow guide for npm package authors

11 min readMay 3, 2021

Releasing an npm package is like trekking through the wilderness. The ideal path will depend on how experienced you are, how much of a hurry you’re in, and whether you’re hiking alone or in a group. This post describes one way to plot a course (the best way).

Truth be told I’m writing this primarily for Future David, because I know he’ll forget the npm commands and make the same mistakes over and over again if I don’t write it all out for him. But maybe you’ll find it useful too.

Assumptions

I’m assuming you know what npm is and know how to publish a package. If I’ve assumed incorrectly, please do read npm’s Getting Started guide then come back so that I can be correct. You may also want to read npm’s Packages and Modules docs if I under-explain something.

It’s assumed that you’re using GitHub to track issues/PRs.

This post will revolve around a package called my-package that is currently on version 1.2.3.

OK let’s get into the four workflow stages:

Issues
Branches
Pull requests
Releases

1. Issues

Every piece of work on the codebase should be described in a GitHub issue. Stick to a pattern of one issue, one branch, one pull request. The aim is that years from now you can find your way from any single line of code, via git blame, to a commit, a PR, and an issue explaining the rationale behind that code.

Semver side note

Any work you do on a package is going to result in a new version, and at any point in time, a package’s next release could have one of three version numbers, according to the rules of semantic versioning.

For example, the next version of my-package (currently version 1.2.3) could be:

1.2.4 if it contains a fix (‘patch’)
1.3.0 if it contains a new feature (‘minor’)
2.0.0 if it contains a breaking change (‘major’)

The usual semver rules do not apply when the first number of the version is 0. This is confusing and not widely understood so you should not publish to npm with a version below 1.0.0 (npm agrees).

Some changes to the repository don’t require a version change, e.g. fixing a typo in the readme or…

A workflow guide for npm package authors

Assumptions

1. Issues

Semver side note

Written by David Gilbertson

More from David Gilbertson

87 Lesser-known Python Features

This post is for people who use Python daily, but have never actually sat down and read through all the documentation.

Can you learn machine learning in a year?

This post is for anyone considering a career move into the field of machine learning.

I’m harvesting credit card numbers and passwords from your site. Here’s how.

The following is a true story. Or maybe it’s just based on a true story. Perhaps it’s not true at all.

2D Tokenization for Large Language Models

This article is about how we process text before passing it to large language models, the problems with this approach, and an alternative…

Recommended from Medium

NPM

整理一下日常經常使用到的 npm 指令

Understanding Peer Dependencies: A Key Concept in Coding

What Peer Dependencies Are and How They Can Help Your Codebase

Lists

General Coding Knowledge

It's never too late or early to start something

Stories to Help You Grow as a Software Developer

Coding & Development

TypeScript NPM Package Publishing: A Beginner’s Guide

Learn how to publish your first NPM package with TypeScript.

Minifying TypeScript Output: Strategies for Reducing Bundle Size and Improving Performance

Explore strategies for minifying TypeScript output along with code examples.

What’s the difference between npm run dev, npm run build and npm run start in Next.js?

Ever wondered what goes different when we enter npm run dev and npm run start in console to run our next.js app? Here we have some answers

Handling Class Libraries in Node.js (With and Without TypeScript)

Writing a node class library is more confusing than it needs to be. Here’s a guide