How to install a private NPM module without my own registry?
Solution 1
cd somedir
npm install .
or
npm install path/to/somedir
somedir
must contain the package.json
inside it.
It knows about git too:
npm install git://github.com/visionmedia/express.git
Solution 2
In your private npm modules add
"private": true
to your package.json
Then to reference the private module in another module, use this in your package.json
{
"name": "myapp",
"dependencies": {
"private-repo": "git+ssh://[email protected]:myaccount/myprivate.git#v1.0.0",
}
}
Solution 3
Can I just install an NPM package that sits on the local filesystem, or perhaps even from git?
Yes you can! From the docs https://docs.npmjs.com/cli/install
A package is:
- a) a folder containing a program described by a package.json file
- b) a gzipped tarball containing (a)
- c) a url that resolves to (b)
- d) a
<name>@<version>
that is published on the registry with (c)- e) a
<name>@<tag>
that points to (d)- f) a
<name>
that has a "latest" tag satisfying (e)- g) a
<git remote url>
that resolves to (b)
Isn't npm brilliant?
Solution 4
Update January 2016
In addition to other answers, there is sometimes the scenario where you wish to have private modules available in a team context.
Both Github and Bitbucket support the concept of generating a team API Key. This API key can be used as the password to perform API requests as this team.
In your private npm modules add
"private": true
to your package.json
Then to reference the private module in another module, use this in your package.json
{
"name": "myapp",
"dependencies": {
"private-repo":
"git+https://myteamname:[email protected]/myprivate.git",
}
}
where team name = myteamname, and API Key = aQqtcplwFzlumj0mIDdRGCbsAq5d6Xg4
Here I reference a bitbucket repo, but it is almost identical using github too.
Finally, as an alternative, if you really don't mind paying $7 per month (as of writing) then you can now have private NPM modules out of the box.
Solution 5
FWIW: I had problems with all of these answers when dealing with a private organization repository.
The following worked for me:
npm install -S "git+https://[email protected]/orgname/repositoryname.git"
For example:
npm install -S "git+https://[email protected]/netflix/private-repository.git"
I'm not entirely sure why the other answers didn't work for me in this one case, because they're what I tried first before I hit Google and found this answer. And the other answers are what I've done in the past.
Hopefully this helps someone else.
futlib
Updated on July 08, 2022Comments
-
futlib almost 2 years
I've taken some shared code and put it in an NPM module, one I don't want to upload to the central registry. The question is, how do I install it from other projects?
The obvious way is probably to set up my own NPM registry, but according to the documentation, that involves a lot of hassle.
Can I just install an NPM module that sits on the local filesystem, or perhaps even from git?
npm install --from-git git@server:project
-
Luke Bayes over 11 yearsThe path/to/somedir solution kind of works, but then it's kind of awful because all of the require statements then have to include that relative or absolute path. Please correct me if I'm doing something wrong...
-
mihai over 11 years@Luke yes, you're wrong. After
npm install
all the files are copied to your project directory. So the paths in therequire
statements will be relative only to your project directory. -
Adam Beck over 11 yearsI'm confused by the top part and the only reason I haven't tested this myself is that I'm still learning and don't have a private module to work on. Anyway, by changing your directory to where the module is and then calling
install
wouldn't that just install there and not for the project you want to use it for? -
mihai over 11 years@AdamBeck yes, that's right. That command is usefull for module developers who may want to do a quick test of the module to see if it works, or when you download a module and just want a quick Hello World. If you want to include it in your project you should definitely have a separate folder.
-
Rafael Xavier over 11 yearsSide note: (a) when using git repos, you can specify a branch/commit/tag by adding a
#<ref>
to the end of the git url, eggit://github.com/visionmedia/express.git#v0.0.1
; (b) To be safe add"private": true
to the package.json of your private repos. This will make sure npm will never let you accidentally publish your secret sauce to the official npm registry. (according to debuggable.com/posts/…) -
Admin about 11 yearsThis is the real correct answer if you want your package.json to maintain the private repo dependency list, which is a Good Thing(tm) that you should be doing.
-
slf about 11 yearsFYI if you are serving your git up via http you'll need to
npm i git+http://all/the/things.git
even thoughgit clone http://all/the/things.git
works just fine -
Jake almost 11 yearsThanks - this is perfect. One problem - it works if I don't include the # version at the end, but if I do, I get an error like this: "Error: Command failed: fatal: ambiguous argument 'v0.0.1': unknown revision or path not in the working tree." I can't find a solution to this. Do you know what's going on?
-
250R almost 11 yearsIn the example it's referencing a specific tag, but if you don't have one then it'll default to master. (see git-scm.com/book/en/Git-Basics-Tagging)
-
Renato Gama over 10 yearsI don't understand how this command line can download code from a private github repo if I am not supllying my credentials! So how can I pass my github credentials?
-
250R over 10 yearsYou can setup the box with deploy keys (see help.github.com/articles/managing-deploy-keys)
-
SamAko over 10 yearscan this be done without using ssh? I need to install on heroku not only on my local machine
-
evanrmurphy almost 10 yearsNote that the
"private": true
part isn't necessary, but it will help prevent your private repo from accidentally being published to the public npm registry. -
Chris over 9 yearsCan you use a subfolder of the git repo?
-
Kevin Suttle about 9 yearsBut even if
path/to/somedir/
has apackage.json
file, it copies the directory itself into{$PWD}/node_modules
. So now there is{$PWD}/dependency/package.json
. and${PWD}/node_modules/dependency
which is less than elegant. -
Navdeep almost 9 years@250R: What is the syntax if I always want to to download latest version of my custom package?
-
Jasmine Hegman over 8 yearsnpm looks for several environment variables as well. From the manual in the
npm install <git remote url>
section, there are options likeGIT_ASKPASS
andGIT_SSH
.An example usage to choose a key other than the default id_rsa:GIT_SSH_COMMAND='ssh -i ~/.ssh/custom_ident' npm install git+ssh://[email protected]:npm/npm.git
-
PI. over 8 yearsCan you use this if you want to have a global module?
-
Milkncookiez over 8 years@250R : Does npm always pull from the master branch if a branch isn't specified in the dependency? What if I have another branch, say
develop
and I tag the commit there? I know npm will update a specific branch, if written like.../myprivate.git#develop"
, but what if I want to pull a specific tag from that branch? Because just specifying the tag, like.../myprivate.git#v1.0.1"
did not work. I got afatal: ambiguous argument 'v1.0.1': unknown revision or path not in the working tree.
-
Thomas Bormans over 8 yearsThis does not work for me I am afraid. Both the remote and the repository are not found. Any ideas?
-
arcseldon over 8 years@ThomasBormans - still having trouble? Please paste (scramble your teamname / api key) what you have as your line in dependencies section of your package.json - as per above instructions. I have found this works well for both github and bitbucket private repos. Which are you using?
-
Thomas Bormans over 8 years@arcseldon "name": "git+key:[email protected]/user/repo.git" returns EISDIR: illegal operation on a directory, read. And "name": "git+user:[email protected]/repo.git" returns several errors including these words remote: Not Found, fatal: repository, Command failed: git clone. Any ideas?
-
arcseldon over 8 yearsTry to follow the "exact" format I have given in answer: "git+https://<myteamname>:<my_key>@bitbucket.org/<my_repo_name>.git How did you generate the API key? Have you double checked it is correct in your bitbucket settings... sorry to ask the obvious, but i have near 100% confidence this should work.
-
arcseldon over 8 years@ThomasBormans - the team API key, which i refer to above, is available only with team accounts, and doesn't appear for an individual user account... you should see "API Key" under "Access Management" in the side bar of the settings page for a team account. However, for a user account "API Key" does not appear. It would be easy for you to create a team though (for which you are the only member) and then switch your needed repo to be owned by that pseudo-team and use its API Key (which you create at the link I just mentioned in settings).
-
Thomas Bormans over 8 years@arcseldon The API key I am using is from a team account which I am member of :/
-
arcseldon over 8 yearscheck you are referring to team name, and not your own user name in the values you are giving. otherwise, it 'should' just work... perhaps try generating a fresh API key... let me know how it goes.
-
Thomas Bormans over 8 years@arcseldon No luck I am afraid. I checked the team name and regenerated the API key.
-
arcseldon over 8 yearssorry to hear that -.. running out of ideas - you were using "git+https:" as protocol, and you can git clone using that protocol? You are a member of the team to which you refer, and the repo is DEFINITELY also associated with that team etc.. etc. try to trouble shoot by asking yourself all these questions. Do think it is user error, as opposed to anything else at this point. Good luck with it.
-
Thomas Bormans over 8 years@arcseldon I have figured it out! Apparently there were "old" fields in the package.json from an older Node version. I removed them and everything was fixed.
-
arcseldon over 8 years@ThomasBormans - pleased to hear it! Note to self, when debugging something like this - mv package.json package.json.old && git init -y Then insert needed dependency and try again :)
-
chovy almost 8 yearsIs this possible for private bitbucket git repos?
-
Michael over 7 yearsThis seems to hard code the location of the repository... is it possible to create a reference such that any user can check it out of their own repository without editing every reference in every package?
-
Sutra almost 7 yearsFor
yarn
, the protocol is required. That is to say the prefixgit+ssh://
is required. -
Aidan Hoolachan over 6 yearsDoes this require a client-side login step?
-
Robert Oschler about 6 years@mihai Is it necessary to do a full npm purge of any existing package with the same name? Usually before I start experimenting with a fork of an NPM package, I already have it installed either globally or locally in my Node.js package.
-
Dániel Kis-Nagy almost 6 yearsYou can actually add
"my-module-name": "file:../mymodule",
to yourdependencies
(assuming that mymodule has apackage.json
file where it's indeed namedmy-module-name
), runnpm install
, and then in your source files you can just reference your module by name, e.g.import {util} from 'my-module-name';
. -
Dániel Kis-Nagy almost 6 yearsNote that if you go for option b), it actually has to be a gzipped tarball, a mere zip archive won't do it. I.e. if you create your package with
tar -czf my-package.tar.gz dist
(assuming yourdist
folder also has a properpackage.json
file in it), then you cannpm install ../my-lib/my-package.tar.gz
from your other project. -
Con Antonakos over 5 yearsWhat's an alternative to this? For example, if you want to host your "package" on S3 and pull from there.
-
Raja over 5 yearsWorked for me in 2019! But I had to ensure git has credentials to access that account. (E.g. test git clone twice with
https://
, and ensure the password is not needed on the second run. Then you are good to go!) -
Kamafeather about 5 years@Milkncookiez as already said by 250R the default branch is
master
, when no tag or branch is specified as url fragment. To me it works perfectly either with a branch name or a tag name; are you sure you correctly pushed the tag to origin viagit push --tags
? (and are you sure you are using thev
prefix in your versioning tags?) -
Michael almost 5 yearshow to do something like
npm install git://home/michael/some.git
? that is, the repo is on the local file system, "git://" seems to insist on using the network, and without "git://" it fails because there's no package.json (due to it being a git repo) -
BGBRUNO about 2 yearsin @2021 works this -
"{{node_module__name}}": "file:{{node_module__path}}"