# create a package.json file
npm init
# once you have listed all the packages you want to use in your project, install and save them by using
npm install --save
# ignores package.json and install dependencies as specified in package-lock.json only.
npm ci
# sets the default to tilde
npm config set save-prefix='~'
# will remove the auto-prefixing
npm config set save-exact true
# check for out of date versions (shows any installed packages)
npm outdated
# update all the packages listed to the latest version, respecting semver
npm update
# Check for out of date versions (shows only main packages from package.json)
npm-check-updates
# upgrades your package.json dependencies to the latest versions, ignoring specified versions.
npm-check-updates -u
# scan your project for vulnerabilities
npm-audit
# lock down dependency versions for publication
npm-shrinkwrap
^
(caret) -> Which means that changes are allowed up to the MINOR part.~
(tilde) -> Once used in front of the version number, it means: allow only PATCH segment changes.