Monitor for any changes in your node.js application and automatically restart the server - perfect for development
Installations
npm install nodemon
Developer
Developer Guide
Module System
CommonJS
Min. Node Version
>=10
Typescript Support
Yes
Node Version
18.20.4
NPM Version
10.7.0
Statistics
26,343 Stars
1,394 Commits
1,735 Forks
257 Watching
54 Branches
169 Contributors
Updated on 28 Nov 2024
Bundle Size
139.77 kB
Minified
48.60 kB
Minified + Gzipped
Languages
JavaScript (82.35%)
HTML (14.7%)
jq (1.62%)
CSS (0.86%)
Dockerfile (0.38%)
Shell (0.09%)
Total Downloads
Cumulative downloads
Total Downloads
1,312,447,139
Last day
-11.6%
1,278,194
Compared to previous day
Last week
1.7%
7,708,469
Compared to previous week
Last month
10.4%
31,454,948
Compared to previous month
Last year
10.3%
312,673,049
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
nodemon
nodemon is a tool that helps develop Node.js based applications by automatically restarting the node application when file changes in the directory are detected.
nodemon does not require any additional changes to your code or method of development. nodemon is a replacement wrapper for node
. To use nodemon
, replace the word node
on the command line when executing your script.
Installation
Either through cloning with git or by using npm (the recommended way):
1npm install -g nodemon # or using yarn: yarn global add nodemon
And nodemon will be installed globally to your system path.
You can also install nodemon as a development dependency:
1npm install --save-dev nodemon # or using yarn: yarn add nodemon -D
With a local installation, nodemon will not be available in your system path or you can't use it directly from the command line. Instead, the local installation of nodemon can be run by calling it from within an npm script (such as npm start
) or using npx nodemon
.
Usage
nodemon wraps your application, so you can pass all the arguments you would normally pass to your app:
1nodemon [your node app]
For CLI options, use the -h
(or --help
) argument:
1nodemon -h
Using nodemon is simple, if my application accepted a host and port as the arguments, I would start it as so:
1nodemon ./server.js localhost 8080
Any output from this script is prefixed with [nodemon]
, otherwise all output from your application, errors included, will be echoed out as expected.
You can also pass the inspect
flag to node through the command line as you would normally:
1nodemon --inspect ./server.js 80
If you have a package.json
file for your app, you can omit the main script entirely and nodemon will read the package.json
for the main
property and use that value as the app (ref).
nodemon will also search for the scripts.start
property in package.json
(as of nodemon 1.1.x).
Also check out the FAQ or issues for nodemon.
Automatic re-running
nodemon was originally written to restart hanging processes such as web servers, but now supports apps that cleanly exit. If your script exits cleanly, nodemon will continue to monitor the directory (or directories) and restart the script if there are any changes.
Manual restarting
Whilst nodemon is running, if you need to manually restart your application, instead of stopping and restart nodemon, you can type rs
with a carriage return, and nodemon will restart your process.
Config files
nodemon supports local and global configuration files. These are usually named nodemon.json
and can be located in the current working directory or in your home directory. An alternative local configuration file can be specified with the --config <file>
option.
The specificity is as follows, so that a command line argument will always override the config file settings:
- command line arguments
- local config
- global config
A config file can take any of the command line arguments as JSON key values, for example:
1{ 2 "verbose": true, 3 "ignore": ["*.test.js", "**/fixtures/**"], 4 "execMap": { 5 "rb": "ruby", 6 "pde": "processing --sketch={{pwd}} --run" 7 } 8}
The above nodemon.json
file might be my global config so that I have support for ruby files and processing files, and I can run nodemon demo.pde
and nodemon will automatically know how to run the script even though out of the box support for processing scripts.
A further example of options can be seen in sample-nodemon.md
package.json
If you want to keep all your package configurations in one place, nodemon supports using package.json
for configuration.
Specify the config in the same format as you would for a config file but under nodemonConfig
in the package.json
file, for example, take the following package.json
:
1{ 2 "name": "nodemon", 3 "homepage": "http://nodemon.io", 4 "...": "... other standard package.json values", 5 "nodemonConfig": { 6 "ignore": ["**/test/**", "**/docs/**"], 7 "delay": 2500 8 } 9}
Note that if you specify a --config
file or provide a local nodemon.json
any package.json
config is ignored.
This section needs better documentation, but for now you can also see nodemon --help config
(also here).
Using nodemon as a module
Please see doc/requireable.md
Using nodemon as child process
Please see doc/events.md
Running non-node scripts
nodemon can also be used to execute and monitor other programs. nodemon will read the file extension of the script being run and monitor that extension instead of .js
if there's no nodemon.json
:
1nodemon --exec "python -v" ./app.py
Now nodemon will run app.py
with python in verbose mode (note that if you're not passing args to the exec program, you don't need the quotes), and look for new or modified files with the .py
extension.
Default executables
Using the nodemon.json
config file, you can define your own default executables using the execMap
property. This is particularly useful if you're working with a language that isn't supported by default by nodemon.
To add support for nodemon to know about the .pl
extension (for Perl), the nodemon.json
file would add:
1{ 2 "execMap": { 3 "pl": "perl" 4 } 5}
Now running the following, nodemon will know to use perl
as the executable:
1nodemon script.pl
It's generally recommended to use the global nodemon.json
to add your own execMap
options. However, if there's a common default that's missing, this can be merged in to the project so that nodemon supports it by default, by changing default.js and sending a pull request.
Monitoring multiple directories
By default nodemon monitors the current working directory. If you want to take control of that option, use the --watch
option to add specific paths:
1nodemon --watch app --watch libs app/server.js
Now nodemon will only restart if there are changes in the ./app
or ./libs
directory. By default nodemon will traverse sub-directories, so there's no need in explicitly including sub-directories.
Nodemon also supports unix globbing, e.g --watch './lib/*'
. The globbing pattern must be quoted. For advanced globbing, see picomatch
documentation, the library that nodemon uses through chokidar
(which in turn uses it through anymatch
).
Specifying extension watch list
By default, nodemon looks for files with the .js
, .mjs
, .coffee
, .litcoffee
, and .json
extensions. If you use the --exec
option and monitor app.py
nodemon will monitor files with the extension of .py
. However, you can specify your own list with the -e
(or --ext
) switch like so:
1nodemon -e js,pug
Now nodemon will restart on any changes to files in the directory (or subdirectories) with the extensions .js
, .pug
.
Ignoring files
By default, nodemon will only restart when a .js
JavaScript file changes. In some cases you will want to ignore some specific files, directories or file patterns, to prevent nodemon from prematurely restarting your application.
This can be done via the command line:
1nodemon --ignore lib/ --ignore tests/
Or specific files can be ignored:
1nodemon --ignore lib/app.js
Patterns can also be ignored (but be sure to quote the arguments):
1nodemon --ignore 'lib/*.js'
Important the ignore rules are patterns matched to the full absolute path, and this determines how many files are monitored. If using a wild card glob pattern, it needs to be used as **
or omitted entirely. For example, nodemon --ignore '**/test/**'
will work, whereas --ignore '*/test/*'
will not.
Note that by default, nodemon will ignore the .git
, node_modules
, bower_components
, .nyc_output
, coverage
and .sass-cache
directories and add your ignored patterns to the list. If you want to indeed watch a directory like node_modules
, you need to override the underlying default ignore rules.
Application isn't restarting
In some networked environments (such as a container running nodemon reading across a mounted drive), you will need to use the legacyWatch: true
which enables Chokidar's polling.
Via the CLI, use either --legacy-watch
or -L
for short:
1nodemon -L
Though this should be a last resort as it will poll every file it can find.
Delaying restarting
In some situations, you may want to wait until a number of files have changed. The timeout before checking for new file changes is 1 second. If you're uploading a number of files and it's taking some number of seconds, this could cause your app to restart multiple times unnecessarily.
To add an extra throttle, or delay restarting, use the --delay
command:
1nodemon --delay 10 server.js
For more precision, milliseconds can be specified. Either as a float:
1nodemon --delay 2.5 server.js
Or using the time specifier (ms):
1nodemon --delay 2500ms server.js
The delay figure is number of seconds (or milliseconds, if specified) to delay before restarting. So nodemon will only restart your app the given number of seconds after the last file change.
If you are setting this value in nodemon.json
, the value will always be interpreted in milliseconds. E.g., the following are equivalent:
1nodemon --delay 2.5 2 3{ 4 "delay": 2500 5}
Gracefully reloading down your script
It is possible to have nodemon send any signal that you specify to your application.
1nodemon --signal SIGHUP server.js
Your application can handle the signal as follows.
1process.on("SIGHUP", function () { 2 reloadSomeConfiguration(); 3 process.kill(process.pid, "SIGTERM"); 4})
Please note that nodemon will send this signal to every process in the process tree.
If you are using cluster
, then each workers (as well as the master) will receive the signal. If you wish to terminate all workers on receiving a SIGHUP
, a common pattern is to catch the SIGHUP
in the master, and forward SIGTERM
to all workers, while ensuring that all workers ignore SIGHUP
.
1if (cluster.isMaster) { 2 process.on("SIGHUP", function () { 3 for (const worker of Object.values(cluster.workers)) { 4 worker.process.kill("SIGTERM"); 5 } 6 }); 7} else { 8 process.on("SIGHUP", function() {}) 9}
Controlling shutdown of your script
nodemon sends a kill signal to your application when it sees a file update. If you need to clean up on shutdown inside your script you can capture the kill signal and handle it yourself.
The following example will listen once for the SIGUSR2
signal (used by nodemon to restart), run the clean up process and then kill itself for nodemon to continue control:
1// important to use `on` and not `once` as nodemon can re-send the kill signal 2process.on('SIGUSR2', function () { 3 gracefulShutdown(function () { 4 process.kill(process.pid, 'SIGTERM'); 5 }); 6});
Note that the process.kill
is only called once your shutdown jobs are complete. Hat tip to Benjie Gillam for writing this technique up.
Triggering events when nodemon state changes
If you want growl like notifications when nodemon restarts or to trigger an action when an event happens, then you can either require
nodemon or add event actions to your nodemon.json
file.
For example, to trigger a notification on a Mac when nodemon restarts, nodemon.json
looks like this:
1{ 2 "events": { 3 "restart": "osascript -e 'display notification \"app restarted\" with title \"nodemon\"'" 4 } 5}
A full list of available events is listed on the event states wiki. Note that you can bind to both states and messages.
Pipe output to somewhere else
1nodemon({ 2 script: ..., 3 stdout: false // important: this tells nodemon not to output to console 4}).on('readable', function() { // the `readable` event indicates that data is ready to pick up 5 this.stdout.pipe(fs.createWriteStream('output.txt')); 6 this.stderr.pipe(fs.createWriteStream('err.txt')); 7});
Using nodemon in your gulp workflow
Check out the gulp-nodemon plugin to integrate nodemon with the rest of your project's gulp workflow.
Using nodemon in your Grunt workflow
Check out the grunt-nodemon plugin to integrate nodemon with the rest of your project's grunt workflow.
Pronunciation
nodemon, is it pronounced: node-mon, no-demon or node-e-mon (like pokémon)?
Well...I've been asked this many times before. I like that I've been asked this before. There's been bets as to which one it actually is.
The answer is simple, but possibly frustrating. I'm not saying (how I pronounce it). It's up to you to call it as you like. All answers are correct :)
Design principles
- Fewer flags is better
- Works across all platforms
- Fewer features
- Let individuals build on top of nodemon
- Offer all CLI functionality as an API
- Contributions must have and pass tests
Nodemon is not perfect, and CLI arguments has sprawled beyond where I'm completely happy, but perhaps it can be reduced a little one day.
FAQ
See the FAQ and please add your own questions if you think they would help others.
Backers
Thank you to all our backers! 🙏
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. Sponsor this project today ❤️
Please note that links to the sponsors above are not direct endorsements nor affiliated with any of contributors of the nodemon project.
License
No vulnerabilities found.
Reason
17 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:12
Reason
binaries present in source code
Details
- Warn: binary detected: bin/windows-kill.exe:1
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/commits.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/commits.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/remy/nodemon/stale.yml/main?enable=pin
- Warn: containerImage not pinned by hash: Dockerfile:9: pin your Docker image by updating ubuntu:16.04 to ubuntu:16.04@sha256:1f1a2d56de1d604801a9671f301190704c25d604a416f59e03c04f5c6ffee0d6
- Warn: downloadThenRun not pinned by hash: Dockerfile:16
- Warn: npmCommand not pinned by hash: Dockerfile:20
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 2 out of 3 npmCommand dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 0 out of 1 downloadThenRun dependencies pinned
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/commits.yml:1
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/stale.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Reason
26 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-hj9c-8jmm-8c52
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Score
3.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More