662

In the Angular Component Router documentation I just stumbled over a npm command I have never seen before and I don't understand what is going on:

npm install @angular/router --save

What is the meaning of @angular/router?

Is the whole string a package name? But then I dont find that package when I use the search on npmjs.com. And also the commandline search does return no such package:

npm search @angular/router
:No match found for "@angular/router"

So is the @angular/ some kind of prefix mechanism in npm? And how does it work?

Improve this question
2
  • 44
    npm help scope
    – trailing slash
    Commented Jul 11, 2018 at 17:54
  • 9
    @trailingslash That's a great answer! (shouldn't be a comment.)
    – lmat - Reinstate Monica
    Commented Jun 4, 2019 at 14:42

4 Answers 4

Reset to default
687

This is a new feature of NPM called 'scoped packages', which effectively allow NPM packages to be namespaced. Every user and organization on NPM has their own scope, and they are the only people who can add packages to it.

This is useful for several reasons:

  • It allows organizations to make it clear which packages are 'official' and which ones are not.
    • For example, if a package has the scope @angular, you know it was published by the Angular core team.
  • The package name only has to be unique to the scope it is published in, not the entire registry.
    • For example, the package name http is already taken in the main repository, but Angular is able to have @angular/http as well.

The reason that scoped packages don't show up in public search is because a lot of them are private packages created by organizations using NPM's paid services, and they're not comfortable opening the search up until they can be totally certain they're not going to make anything public that shouldn't be public - from a legal perspective, this is pretty understandable.

For more information, see the NPM docs and the Angular docs.

EDIT: It appears that public scoped packages now show up properly in search!

Improve this answer
1
140

Basically there are two types of modules on npm, they are -

  • Global modules - these are modules that follow the naming convention that exists today. You require('foo') and there is much rejoicing. They are owned by one or more people through the npm install XYZ command.

  • Scoped modules - these are new modules that are "scoped" under an organization name that begins with an @ the organisation's name, a slash and finally the package name, e.g. @someOrgScope/packagename. Scopes are a way of grouping related packages together, and also affect a few things about the way npm treats the package.

A scoped package is installed by referencing it by name, preceded by an @-symbol, in npm install:

npm install @myorg/mypackage

see also

Improve this answer
31

@ has different meanings according to its place where it is in the npm package name.

A package is:

  1. A folder containing a program described by a package.json file.
  2. A gzipped tarball containing (1).
  3. A url that resolves to (2).
  4. A <name>@<version> that is published on the registry with (3).
  5. A <name>@<tag> that points to (4).
  6. A <name> that has a “latest” tag satisfying (5).
  7. A <git remote url> that resolves to (1).

npm install [<@scope>/]<name>

<scope> is optional. The package will be downloaded from the registry associated with the specified scope. If no registry is associated with the given scope the default registry is assumed.

Note: if you do not include the @-symbol on your scope name, npm will interpret this as a GitHub repository instead, see below. Scopes names must also be followed by a slash.

npm install [<@scope>/]<name>@<tag>

Install the version of the package that is referenced by the specified tag. If the tag does not exist in the registry data for that package, then this will fail.

Example:

npm install packagename@latest
npm install @myorg/mypackage@latest

npm install [<@scope>/]<name>@<version>

Install the specified version of the package. This will fail if the version has not been published to the registry.

Example:

npm install [email protected]
npm install @myorg/[email protected]

npm install [<@scope>/]<name>@<version range>

Install a version of the package matching the specified version range.

Example:

npm install packagename@">=0.1.0 <0.2.0"
npm install @myorg/privatepackage@">=0.1.0 <0.2.0"
Improve this answer
6

What are scoped modules.

All npm packages have a name and these name should be unique. A scoped npm package follows the same rules as other npm package names (URL-safe characters, underscores or no leading dots). When used in package names, scopes are preceded by an @ symbol and followed by a slash /, e.g.

@somescope/somepackagename

The npm scoped modules are usually grouped related npm packages together. When you sign up for an npm user account or create an organization. Each npm user/organization has their own scope, and only they and their employees can add packages in your scope. Usually you are granted a scope that matches your user or organization name. You can use this scope as a namespace for related packages.

As a npm user you don't have to worry about someone taking your package name ahead of you. Thus using scope module is also a good way to organize the npm packages for an organizations.

Advantages of using scoped packages:

  • Scoped packages allows organizations to manage the private packages.
  • The Scoped package name only has to be unique to the scope in which it is published in, not the entire npm registry.

Usually organizations choose to keep their scoped packages private and they don't show up in public search for various reasons.

Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.