Installing Express
Express is published as an npm package, so installing it is a single command once you have a Node.js project in place. The whole setup — from an empty folder to a project ready for its first route — takes about a minute. This page walks through the Node and npm prerequisites, initializing a project with npm init, installing Express, choosing between Express 4 and the newer Express 5, and wiring up the package.json scripts you’ll run every day.
Prerequisites: Node.js and npm
Express runs on Node.js, the JavaScript runtime, and is installed with npm, the package manager that ships alongside Node. You don’t install Express globally or use a special CLI — it lives in each project’s node_modules folder. Express 4 supports Node 0.10 and up, but for any new project you should target a current LTS (Long-Term Support) release. As of mid-2026 that means Node 20 or 22; Express 5 officially requires Node 18 or newer.
Confirm both tools are available and recent before you start:
node -v
npm -vOutput:
v22.14.0
10.9.2If node isn’t found, or the version is below 18, install the latest LTS build from nodejs.org, or manage multiple versions with a tool like nvm. The npm commands below also work unchanged with pnpm and yarn if you prefer them.
Tip: Always pick an even-numbered LTS release (20, 22, …) for servers. The odd-numbered “Current” lines get the newest features but a much shorter support window, which is rarely what you want in production.
Initializing a Node project
A project needs a package.json — the manifest that records your dependencies and scripts. Create a folder, move into it, and run npm init. The -y flag accepts all defaults and writes the file immediately:
mkdir my-app
cd my-app
npm init -yOutput:
Wrote to /home/you/my-app/package.json:
{
"name": "my-app",
"version": "1.0.0",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"license": "ISC"
}Drop the -y if you’d rather answer the prompts interactively and set the name, version, entry point, and license yourself.
Installing Express
With a package.json in place, add Express as a dependency:
npm install expressThis downloads Express and its dependency tree into node_modules, records the package under "dependencies" in package.json, and writes a package-lock.json that pins exact versions. By default npm installs the latest stable release. To control which major version you get, name it explicitly:
npm install express@4 # latest 4.x
npm install express@5 # latest 5.x
npm install express@latest # newest published releaseAfter installing, your package.json will show the dependency with a caret range that allows compatible minor and patch updates:
{
"name": "my-app",
"version": "1.0.0",
"main": "index.js",
"scripts": {
"start": "node index.js",
"dev": "node --watch index.js"
},
"dependencies": {
"express": "^4.21.2"
}
}Choosing Express 4 vs Express 5
Express 5 became the default latest release in 2025. It is a mostly backward-compatible upgrade with a smaller dependency tree and modern internals, but a few breaking changes mean you should choose deliberately for each project.
| Concern | Express 4 | Express 5 |
|---|---|---|
| Minimum Node | 0.10+ | 18+ |
| Async errors | Must call next(err) manually | Rejected promises forwarded to error handlers automatically |
| Path matching | path-to-regexp 0.x | path-to-regexp 8.x — * and optional params changed syntax |
| Removed helpers | app.del, res.json(status, obj) available | Legacy signatures removed |
| Maturity | Battle-tested, vast ecosystem | Modern, recommended for new apps |
For a brand-new project, start on Express 5 to get automatic async error handling and a lighter install. For an existing codebase or one leaning on older middleware, Express 4 remains fully supported and is the safest choice until you can test the upgrade.
Warning: In Express 5 the route-matching syntax changed. A catch-all like
app.get('*', ...)from Express 4 must be writtenapp.get('/*splat', ...)(a named wildcard) in Express 5. Audit your wildcard and optional-parameter routes when upgrading.
Setting up package.json scripts
The scripts field defines shortcuts you run with npm run <name> (start and test work without run). At minimum, add a start script to launch your server and a dev script for local development. Node 18+ includes a built-in --watch flag that restarts on file changes, so you no longer need nodemon for a simple loop:
{
"scripts": {
"start": "node index.js",
"dev": "node --watch index.js",
"test": "node --test"
}
}Run the dev server like this:
npm run devOutput:
Server listening on http://localhost:3000If you prefer the popular nodemon watcher for its richer config, install it as a dev dependency so it doesn’t ship to production:
npm install --save-dev nodemonThen point your dev script at nodemon index.js.
Verifying the install
A quick sanity check confirms Express resolves correctly before you write real routes:
node -e "console.log('express', require('express/package.json').version)"Output:
express 4.21.2Seeing a version number means Express is installed and importable. From here you’re ready to create your first server.
Best Practices
- Target a current Node.js LTS release (20 or 22) and keep it updated to receive security patches.
- Commit
package-lock.jsonso teammates and CI install byte-for-byte identical dependency trees. - Pin the Express major version (
express@4orexpress@5) intentionally rather than relying on whateverlatestresolves to today. - Install development-only tools such as
nodemonwith--save-devto keep production installs lean. - Use the built-in
node --watchfor simple auto-reload before reaching for extra dependencies. - Add a
.gitignorethat excludesnode_modules/— it is rebuilt from the lockfile on every install. - Prefer Express 5 for new projects to get automatic async error handling, but verify wildcard routes when migrating from Express 4.