Concept 12: Development Workflow Essentials

Introduction

Package managers like npm help you use code libraries built by other developers, while version control systems like Git track changes and enable safe collaboration.

Learning Objectives

By the end of this lesson, you will:

• Understand what npm is and how to use essential commands
• Read and modify package.json files confidently
• Grasp semantic versioning (1.2.3) and version ranges
• Use Git to track code changes and write meaningful commit messages
• Leverage AI to help with package management and version control tasks

Part One: NPM Fundamentals (15 minutes)

What Is npm?

npm (Node Package Manager) is the default package manager for JavaScript.

Key Concepts:

• Package: A reusable code library (e.g., express for web servers, axios for HTTP requests)
• Dependency: A package your project needs to work
• Registry: The online database where npm packages are stored (npmjs.com)
• node_modules: The folder where installed packages live

Why npm matters:

• Access to 2+ million open-source packages
• Share your own code with the world
• Manage project dependencies automatically
• Works seamlessly with AI code generation

Installing Packages

Basic Installation

# Install a package and add to dependencies
npm install axios

# Short version (same command)
npm i axios

# Install multiple packages at once
npm install express mongoose dotenv

What happens:

1. npm downloads the package from the registry
2. Saves it to node_modules/ folder
3. Updates package.json to track the dependency
4. Creates package-lock.json to lock exact versions

Development Dependencies

Some packages are only needed during development (not in production):

# Install as dev dependency
npm install --save-dev nodemon

# Short version
npm i -D eslint prettier jest

Examples of dev dependencies:

• nodemon - Auto-restart server on file changes
• eslint - Code quality checker
• jest - Testing framework
• prettier - Code formatter

Why distinguish?

• Keeps production builds smaller
• Clarifies which tools are for development vs. runtime
• Helps deployment systems install only necessary packages

Understanding package.json

Example package.json:

{
  "name": "spelling-bee-app",
  "version": "1.0.0",
  "description": "Interactive spelling game with AI integration",
  "main": "index.js",
  "scripts": {
    "start": "node server.js",
    "dev": "nodemon server.js",
    "test": "jest"
  },
  "dependencies": {
    "express": "^4.18.2",
    "axios": "^1.4.0",
    "dotenv": "^16.3.1"
  },
  "devDependencies": {
    "nodemon": "^3.0.1",
    "jest": "^29.6.2"
  },
  "keywords": ["education", "spelling", "game"],
  "author": "Your Name",
  "license": "MIT"
}

Key sections explained:

Running npm Scripts

"scripts": {
  "start": "node server.js",
  "dev": "nodemon server.js",
  "test": "jest --coverage",
  "lint": "eslint .",
  "format": "prettier --write ."
}

Running scripts:

# Run the "start" script
npm start

# Run the "dev" script
npm run dev

# Run the "test" script
npm test

# Run custom scripts (need "run")
npm run lint
npm run format

💡 Tip: Use npm run to see all available scripts in your project.

The node_modules Folder

Critical Rule: NEVER COMMIT node_modules

Why?

• Massive size (100+ MB for small projects)
• Can be regenerated with npm install
• Contains platform-specific binaries

How to exclude from Git:

Create a .gitignore file in your project root:

# .gitignore
node_modules/
.env
.DS_Store

When sharing your project:

1. Share package.json and package-lock.json
2. Recipient runs npm install
3. Their node_modules generates automatically
4. Everyone has identical dependencies!

Part 2: Version Management (10 minutes)

Semantic Versioning (SemVer)

npm packages use semantic versioning: MAJOR.MINOR.PATCH

Format: X.Y.Z

1.4.7
↑ ↑ ↑
│ │ └─ PATCH: Bug fixes (backwards compatible)
│ └─── MINOR: New features (backwards compatible)
└───── MAJOR: Breaking changes (NOT backwards compatible)

Examples:

Version Ranges in package.json

Symbols control which updates are allowed:

Checking Package Versions

See installed versions:

# List all dependencies
npm list

# List top-level packages only
npm list --depth=0

# Check specific package
npm list axios

Output:

spelling-bee-app@1.0.0
├── axios@1.4.0
├── express@4.18.2
└── dotenv@16.3.1

Check for outdated packages:

npm outdated

Example output:

Package    Current  Wanted  Latest  Location
express    4.18.2   4.18.5  4.19.0  node_modules/express
axios      1.4.0    1.4.3   1.6.0   node_modules/axios

Interpretation:

• Current: What you have installed
• Wanted: Latest version matching your package.json range
• Latest: Newest version available
• Red = major update, Yellow = minor/patch update

Update packages:

# Update to "Wanted" versions (safe)
npm update

# Update specific package
npm update express

# Update to "Latest" (may break things!)
npm install express@latest

Resolving Dependency Conflicts

Sometimes packages have conflicting dependency requirements.

Common error:

npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! Could not resolve dependency:
npm ERR! peer react@"^18.0.0" from react-dom@18.2.0

Solution 1: Use --legacy-peer-deps

npm install --legacy-peer-deps

What it does: Ignores peer dependency conflicts (uses older resolution algorithm).

When to use:

• Working with older packages not yet updated for modern npm
• Temporary workaround while waiting for package updates

💡 Note: npm 11.6.2 (latest as of 2025) includes an improved dependency resolver that handles conflicts better than older versions. If you encounter persistent dependency issues, ensure you're running npm --version >= 11.0.

Solution 2: Use --force

npm install --force

What it does: Forces installation despite conflicts.

Warning: May cause runtime errors. Use cautiously!

Solution 3: Check npm version

Some projects require older npm versions:

# Check your npm version
npm --version

# Update npm
npm install -g npm@latest

# Use specific npm version (with nvm)
nvm use 16

Part 3: Git Basics (15 minutes)

Why Version Control Matters

Git saves snapshots of your code, enabling you to track changes and revert to previous versions.

Essential Git Commands

One. Initialize a Repository

# Turn current folder into a Git repository
git init

What happens:

• Creates hidden .git folder
• Starts tracking changes
• Enables version control

When to use: Starting a new project.

2. Check Repository Status

git status

Example output:

On branch main

Changes not staged for commit:
  modified:   script.js
  modified:   style.css

Untracked files:
  newfile.js

Interpretation:

• Modified: Files changed since last commit
• Untracked: New files Git doesn't know about yet
• Branch: Current working branch (usually main)

When to use: Before committing to see what changed.

3. Stage Changes

# Stage specific file
git add script.js

# Stage multiple files
git add script.js style.css

# Stage all changes (use carefully!)
git add .

# Stage all JavaScript files
git add *.js

What staging means:

• Preparing files for the next commit
• Like putting items in a shopping cart before checkout
• Allows selective commits (only commit related changes together)

4. Commit Changes

# Commit with message
git commit -m "Add difficulty selector to spelling game"

# Commit with detailed message
git commit -m "Add difficulty selector" -m "Users can now choose Easy, Medium, or Hard modes. Each mode filters words by difficulty level."

# Stage and commit in one command
git commit -am "Fix typo in instructions"

What a commit does:

• Saves a snapshot of your code at this moment
• Records who made the change and when
• Allows reverting to this point later

5. Working with Branches (Modern Commands)

Switch to an existing branch:

# Modern way (Git 2.23+)
git switch main

# Traditional way (still works)
git checkout main

Create and switch to a new branch:

# Modern way
git switch -c feature-difficulty-selector

# Traditional way
git checkout -b feature-difficulty-selector

Restore (discard) changes to a file:

# Modern way
git restore script.js

# Traditional way
git checkout -- script.js

Why the new commands?

• git switch handles branches only (clearer intent)
• git restore handles file changes only (safer)
• git checkout did both, which was confusing

💡 Tip: Use modern commands for clarity. If you see git checkout in tutorials, translate: checkout <br />anch> -> switch <br />anch>, checkout -- <file> -> restore <file>.

Writing Good Commit Messages

git commit -m "fixed stuff"
git commit -m "update"
git commit -m "wip"
git commit -m "asdfasdf"

Why bad?

• No context
• Future you won't remember what changed
• Teammates can't understand your work
• Makes debugging history painful

Good Commit Messages:

git commit -m "Add difficulty selector with Easy/Medium/Hard options"
git commit -m "Fix bug where hints deducted points twice"
git commit -m "Refactor word filtering to improve performance"
git commit -m "Update README with installation instructions"

Qualities of good messages:

• Concise (50 characters or less for first line)
• Descriptive (what changed and why)
• Action-oriented (use imperatives: "Add", "Fix", "Update")
• Context (explain why, not just what)

Conventional Commits Format:

Many teams use standardized prefixes:

feat: Add user authentication
fix: Resolve crash on empty input
docs: Update API documentation
style: Format code with Prettier
refactor: Simplify scoring algorithm
test: Add unit tests for word filtering
chore: Update dependencies

Benefits:

• Auto-generate changelogs
• Easy to scan history
• Clear intent at a glance

When to Commit

Commit frequency guide:

✅ Good times to commit:

• After completing a feature ("Add scoring system")
• After fixing a bug ("Fix crash on special characters")
• Before experimenting ("Checkpoint before refactoring")
• After code reviews ("Apply review feedback")
• End of work session ("Work in progress on user profiles")

❌ Don't commit:

• Code that doesn't run
• Half-finished features (unless marked as WIP)
• Debugging console.log statements everywhere
• Sensitive data (API keys, passwords)

Golden Rule: Commit working code frequently. Each commit should leave your project in a usable state.

Viewing Commit History

# See all commits
git log

# Compact one-line view
git log --oneline

# Last 5 commits
git log -5

# Commits by specific author
git log --author="Your Name"

Example output:

commit a3f2b1c (HEAD -> main)
Author: Your Name <you@example.com>
Date:   Thu Nov 6 10:30:00 2024

    Add difficulty selector with Easy/Medium/Hard options

commit d4e5f6g
Author: Your Name <you@example.com>
Date:   Thu Nov 6 09:15:00 2024

    Fix bug where hints deducted points twice

Part 4: AI + Package Management + Version Control (5 minutes)

Using AI for npm Tasks

Prompt: Find the Right Package

You: "I need to make HTTP requests in my Node.js project.
What's the most popular package for this?"

AI: "The most popular package is **axios**. It's easier to
use than the built-in `fetch` and has excellent documentation.

Install with:
npm install axios

Basic usage:
const axios = require('axios');
const response = await axios.get('https://api.example.com/data');
console.log(response.data);
"

Prompt: Fix Dependency Conflicts

You: "I'm getting this npm error: [paste error message]
How do I fix it?"

AI: "This is a peer dependency conflict. Try:
npm install --legacy-peer-deps

This happens because react-router-dom expects React 18 but you
have React 17 installed. You can either:
1. Update React: npm install react@18
2. Use legacy mode: npm install --legacy-peer-deps
"

Prompt: Explain package.json

You: "What does this line mean in package.json?
"lodash": "^4.17.21""

AI: "The caret (^) means npm will install:
- Version 4.17.21 (exact match)
- Any newer MINOR or PATCH version (4.18.0, 4.17.22, etc.)
- But NOT version 5.0.0 (major version change)

This is safe because minor updates add features without
breaking existing code."

Using AI for Git Tasks

Prompt: Generate Commit Messages

You: "I just added a difficulty selector, fixed a scoring bug,
and updated the README. Generate a commit message."

AI: "Since you made multiple unrelated changes, you should create
separate commits:

Commit 1:
git add difficulty-selector.js
git commit -m "feat: Add difficulty selector with Easy/Medium/Hard modes"

Commit 2:
git add scoring.js
git commit -m "fix: Prevent double point deduction on hints"

Commit 3:
git add README.md
git commit -m "docs: Update README with setup instructions"
"

Prompt: Explain Git Errors

You: "I got this error: 'fatal: not a git repository'
What does this mean?"

AI: "This means you're not in a Git-tracked folder.

Solutions:
1. If you want to track this folder:
   git init

2. If you meant to work in a different folder:
   cd path/to/your/project
   git status

Check your current directory with: pwd
"

Prompt: Git Best Practices

You: "Should I commit my node_modules folder?"

AI: "NO! Never commit node_modules.

Why?
- Huge size (100+ MB)
- Contains platform-specific files
- Can be regenerated with npm install

What to do:
1. Create .gitignore file
2. Add this line:
   node_modules/

3. Commit the .gitignore:
   git add .gitignore
   git commit -m 'Add .gitignore to exclude node_modules'

Always commit package.json and package-lock.json instead!
"

Prompt: Modern Git Commands

You: "I keep seeing 'git checkout' in tutorials. Is there a better way?"

AI: "Yes! Git 2.23+ (2019) introduced clearer commands:

For switching branches:
# Old way
git checkout main

# New way (clearer)
git switch main

For discarding file changes:
# Old way
git checkout -- file.js

# New way (safer)
git restore file.js

Why change? git checkout did TWO different things (switch branches
AND restore files), which was confusing. The new commands separate
these concerns for clarity and safety.

Both ways still work, but modern commands prevent mistakes!"

AI as Your Safety Net

1. Commit working code:
   git commit -m "Checkpoint: game works perfectly"

2. Ask AI to refactor:
   "Make this code more efficient"

3a. If AI's changes work:
    git commit -m "Refactor scoring for performance"

3b. If AI breaks something:
    git reset --hard HEAD  (revert to checkpoint!)

The Git + AI Workflow:

• Commit before trying AI suggestions
• Test AI-generated code
• Commit if it works, revert if it doesn't
• Never fear experimentation!

Summary

NPM (Package Management):

• npm install vs npm install --save-dev
• Reading package.json structure
• Semantic versioning (MAJOR.MINOR.PATCH)
• Version ranges: ^ (caret) vs ~ (tilde)
• Checking versions: npm list, npm outdated
• Resolving conflicts: --legacy-peer-deps
• Never commit node_modules!

Git (Version Control):

• Essential commands: init, status, add, commit
• Good commit messages: Concise, descriptive, action-oriented
• Commit frequency: After each working feature
• Viewing history: git log --oneline

AI Integration:

• Prompt AI to find packages and explain versions
• Generate commit messages with AI
• Use AI to debug npm and Git errors
• Git enables safe experimentation with AI suggestions

Next Steps

Before starting:

• Initialize Git repository
• Create package.json
• Add .gitignore (exclude node_modules)

During development:

• Install packages as needed
• Commit working code frequently
• Write meaningful commit messages
• Use AI to explain errors

When collaborating:

• Share package.json, not node_modules
• Use consistent commit message formats
• Document setup steps in README

In Activity 12, you'll practice these skills hands-on by setting up a project with npm and Git, then using AI to help you manage dependencies and commits!

Key Takeaways

💡 Remember: Package managers and version control aren't just technical tools - they're collaboration enablers. npm lets you build on others' work, while Git lets you work safely with teammates (including AI!).

The Professional Workflow:

1. git init - Start tracking your project
2. npm init - Create package.json
3. npm install <package> - Add dependencies
4. Write code -> Test -> git add -> git commit
5. Repeat step 4 with confidence!

With AI:

• Ask AI to explain package errors
• Generate commit messages
• Find the right packages for your needs
• Debug version conflicts

Ready to practice? Let's move to Activity 12 where you'll set up a real project with npm and Git!