The --save flag in npm tells the package manager to record an installed package in your project’s package.json file under the “dependencies” section. If you’re using npm 5.0.0 or later (released May 2017), you no longer need to type it because saving is now the default behavior.
What –save Actually Does
When you run npm install some-package, npm downloads the package into your node_modules folder. The --save flag ensures that package also gets listed in package.json, so anyone else who clones your project and runs npm install will get the same dependency automatically.
Before npm 5, running npm install without --save would download the package locally but leave no record in package.json. That meant your teammates or your deployment server had no way of knowing the package was needed. You had to remember to include the flag every time, and forgetting it was a common source of “works on my machine” bugs.
Why You Don’t Need It Anymore
As of npm 5.0.0, installed modules are added as a dependency by default. Running npm install express today does exactly what npm install express --save used to do. The flag still works if you type it, but it’s redundant.
If you see --save in a tutorial or README, it was likely written before 2017 or the author included it for clarity. You can safely leave it off. If for some reason you want to install a package without recording it in package.json, you’d use the opposite flag: --no-save.
Related Flags: –save-dev and –save-prod
The --save flag has siblings that control where in package.json a package gets listed:
- –save-prod (or -P): Adds the package to
"dependencies". These are packages your application needs to run in production. This is the default. - –save-dev (or -D): Adds the package to
"devDependencies". These are packages only needed during development and testing, like linters, test frameworks, or build tools. - –save-optional (or -O): Adds the package to
"optionalDependencies", meaning the install won’t fail if the package can’t be downloaded.
The distinction between production and dev dependencies matters when you deploy. A production server running npm install --omit=dev will skip everything in devDependencies, keeping your deployed application smaller and faster to install. So while the plain --save flag is now automatic, --save-dev is still something you’ll type regularly when installing tools you only use while coding.
One Edge Case: npm update
There’s one situation where --save still matters. When you run npm update, the save behavior defaults to false. That means npm will update packages in node_modules but won’t change the version ranges recorded in package.json. If you want the updated versions reflected in your package.json, you need to run npm update --save explicitly.
–save in Other Tools
If you landed here searching for --save outside the npm context, the flag appears in other command-line tools with different meanings. In Docker, for example, docker save exports one or more container images to a tar archive file. It has nothing to do with dependency management. The flag’s behavior is always specific to the tool you’re using.