npm/pnpm/yarn Rules
Install, update, and manage JavaScript packages. npm, pnpm, and yarn commands for dependency management.
3 rules
Lock File Management Rules
Beginner
Always commit package-lock.json, use npm ci in CI environments, keep only one lock file per project, and understand when to update vs reinstall dependencies.
globs: **/package.json, **/package-lock.json, **/.npmrc
lockfile, npm-ci, dependency-management, reproducible-builds
View Rule
package.json Standards
Beginner
Maintain clean package.json files — required fields for publishing, proper version ranges, organized scripts, and correct dependency classification between dependencies and devDependencies.
globs: **/package.json, **/.npmrc
package-json, versioning, dependencies, scripts
View Rule
NPM Publishing Checklist
Intermediate
Follow the complete checklist before publishing npm packages — proper package.json fields, files whitelist, prepublish checks, semantic versioning, and 2FA requirement.
globs: **/package.json, **/.npmrc, **/.npmignore
publishing, npm-publish, semver, package-exports
View Rule