npm, pnpm, and Yarn

Node package managers explained: package.json, the lockfile that pins your real dependency tree, semver ranges, and why pnpm's content-addressed store is so fast.

  1. The Manifest and the Lockfile
     package.json is your wish list of dependencies and ranges; the lockfile is the receipt that pins the exact resolved tree, including every transitive dependency, so installs are reproducible.
  2. Installing, Updating, and Workspaces
     The everyday commands across npm, pnpm, and Yarn; how semver caret and tilde ranges decide what an update actually changes; and how workspaces hold many packages in one repo.
  3. node_modules, the pnpm Store, and the Gotchas
     Why node_modules got so big, how pnpm's content-addressed store makes installs fast and disk-cheap, the strictness that catches phantom dependencies, and the traps that bite every team.