Modules & Package Management Interview Questions

Node.js supports multiple module systems: 1) CommonJS (require/exports): Traditional Node.js module system. Example: const fs = require('fs'); module.exports = { ... }. 2) ES Modules (import/export): Modern JavaScript module system. Example: import fs from 'fs'; export const handler = { ... }. 3) ECMAScript Modules in Node.js require either .mjs extension or { 'type': 'module' } in package.json.

Node.js module resolution follows these steps: 1) Core modules (like 'fs'), 2) Local modules with relative paths ('./myModule'), 3) node_modules lookup (starts from current directory, moves up), 4) Package.json 'main' field. Example resolution: require('mymodule') → looks in ./node_modules/mymodule → ../node_modules/mymodule → / etc. Resolution can be customized using NODE_PATH environment variable or package.json fields.

package.json is a project manifest file containing: 1) Basic info (name, version, description), 2) Dependencies (dependencies, devDependencies), 3) Scripts (start, test, build), 4) Configuration (type, engines). Example: { 'name': 'my-app', 'version': '1.0.0', 'dependencies': { 'express': '^4.17.1' }, 'scripts': { 'start': 'node server.js' }, 'type': 'module' }. It's essential for npm package management and project configuration.

NPM dependency management includes: 1) Installing packages: npm install package-name, 2) Saving dependencies: --save or --save-dev flags, 3) Version control: semantic versioning (^, ~, exact versions), 4) Updating packages: npm update, 5) Auditing security: npm audit. Example managing a project: npm init npm install express --save npm install jest --save-dev npm update npm audit fix

Peer dependencies specify packages that must be installed by the consuming application. Used when: 1) Creating plugins/extensions, 2) Avoiding duplicate dependencies, 3) Ensuring compatibility. Example package.json: { 'name': 'my-plugin', 'peerDependencies': { 'react': '>=16.8.0', 'react-dom': '>=16.8.0' } }. The consuming application must install compatible versions of peer dependencies.

Circular dependencies can be handled through: 1) Restructuring code to avoid cycles, 2) Using dependency injection, 3) Moving shared code to a separate module. Example problem: // a.js const b = require('./b'); // b.js const a = require('./a'); Solution: Create shared module: // shared.js module.exports = { sharedFunction() {} }; Then import shared in both modules.

NPM workspaces enable managing multiple packages in a single repository: 1) Define workspaces in root package.json, 2) Share dependencies across packages, 3) Link local packages together. Example: { 'name': 'monorepo', 'workspaces': ['packages/*'], 'private': true }. Directory structure: /packages/pkg1/package.json /packages/pkg2/package.json. Commands work across all workspaces: npm install --workspace=pkg1

Module loading optimization techniques: 1) Use module caching effectively, 2) Implement lazy loading, 3) Bundle modules for production, 4) Use path aliases. Example lazy loading: const getLodash = () => require('lodash'); function processData(data) { const _ = getLodash(); return _.groupBy(data, 'type'); } Cache example: const cache = {}; function requireFromCache(module) { if (!cache[module]) cache[module] = require(module); return cache[module]; }

Package versioning methods include: 1) Semantic Versioning (MAJOR.MINOR.PATCH), 2) Version ranges (^, ~, *, x), 3) Git URLs, 4) Local paths. Example package.json: { 'dependencies': { 'express': '^4.17.1', // Minor version updates 'lodash': '~4.17.21', // Patch updates only 'mylib': 'file:../mylib', // Local path 'private-pkg': 'git+ssh://git@github.com:org/repo.git' // Git URL } }

Package publishing process: 1) Prepare package.json (name, version, files), 2) Create npm account, 3) npm login, 4) npm publish. Maintenance: 1) Version updates (npm version), 2) README and documentation, 3) Security updates, 4) Deprecation if needed. Example workflow: npm version patch npm publish npm deprecate my-package@"<2.0.0" "Critical security bug fixed in v2.0.0"

package-lock.json ensures consistent installs across environments by: 1) Locking exact versions of dependencies, 2) Recording dependency tree, 3) Including integrity hashes, 4) Maintaining deterministic installs. Example: { 'name': 'project', 'lockfileVersion': 2, 'requires': true, 'packages': { 'node_modules/express': { 'version': '4.17.1', 'resolved': 'https://registry.npmjs.org/express/-/express-4.17.1.tgz', 'integrity': 'sha512-...' } } }

Native modules management includes: 1) node-gyp for compilation, 2) Binary distribution using prebuilt packages, 3) Platform-specific installations. Example package.json: { 'dependencies': { 'bcrypt': '^5.0.1' }, 'scripts': { 'install': 'node-gyp rebuild' } } Installation handling: if (process.platform === 'win32') { module.exports = require('./binary/windows'); } else { module.exports = require('./binary/unix'); }

Security practices include: 1) Regular security audits (npm audit), 2) Version pinning for critical dependencies, 3) Using .npmrc for security settings, 4) Implementing lockfiles, 5) Automated vulnerability scanning. Example: { 'scripts': { 'preinstall': 'npm audit', 'audit-fix': 'npm audit fix' } } .npmrc configuration: audit=true save-exact=true package-lock=true

Module mocking approaches: 1) Jest mock functions, 2) Proxyquire for dependency injection, 3) Manual mocking. Example with Jest: jest.mock('./database', () => ({ query: jest.fn() })); Example with Proxyquire: const proxyquire = require('proxyquire'); const stubs = { './database': { query: () => Promise.resolve([]) } }; const module = proxyquire('./module', stubs);

Module scoping patterns include: 1) IIFE (Immediately Invoked Function Expression), 2) Revealing Module Pattern, 3) ES Modules with private fields, 4) Symbol-based privacy. Example: const createModule = () => { const privateVar = Symbol('private'); return { [privateVar]: 'hidden', publicMethod() { return this[privateVar]; } }; }; ES Module example: export class Module { #privateField = 'hidden'; getPrivate() { return this.#privateField; } }

Environment-specific dependency management: 1) Development vs production dependencies, 2) Optional dependencies, 3) Conditional installations, 4) Environment-specific builds. Example package.json: { 'dependencies': { 'express': '^4.17.1' }, 'devDependencies': { 'jest': '^27.0.0' }, 'optionalDependencies': { 'win-printer': '^1.0.0' }, 'scripts': { 'install': 'node scripts/conditional-install.js' } }