A lot of the behavior described in this document is affected by the config settings described in npm-config.
If you plan to publish your package, the most important things in your package.json are the name and version fields as they will be required. The name and version together form an identifier that is assumed to be completely unique. Changes to the package should come along with changes to the version. If you don’t plan to publish your package, the name and version fields are optional.
The name is what your thing is called.
The name must be less than or equal to 214 characters. This includes the scope for scoped packages.
The name can’t start with a dot or an underscore.
New packages must not have uppercase letters in the name.
The name ends up being part of a URL, an argument on the command line, and a folder name. Therefore, the name can’t contain any non-URL-safe characters.
Don’t use the same name as a core Node module.
Don’t put “js” or “node” in the name. It’s assumed that it’s js, since you’re writing a package.json file, and you can specify the engine using the “engines” field. (See below.)
The name will probably be passed as an argument to require(), so it should be something short, but also reasonably descriptive.
You may want to check the npm registry to see if there’s something by that name already, before you get too attached to it. https://www.npmjs.com/
A name can be optionally prefixed by a scope, e.g. @myorg/mypackage. See npm-scope for more detail.