I have a project that I'm working on for a client where I have two private packages (which I can't get access to npm install) are inside the package.json.
I do however have access to clone the repos for those said packages. If I simply run an npm install I'll get a permission denied error. Same if I run npm link to the packages.
I've been working around this by removing the packages from the package.json then running npm install ../some-package. This works but isn't a great solution because if I wanted to add a new package I'd have to deal with a bit of a mess with the package.json.
Is there a better way than this?
I have tried running npm link ../some-package but I still get access denied. The only way I've managed to complete an install is by removing the packages then installing them from a local dir.
I don't know the details of your situation, but I see at least two potential solutions to explore.
Option 1: Install the package from the repo
I do however have access to clone the repos for those said packages.
You can install from a git repo and package.json will record that git repo as the source of the package rather than the npm registry.
From the docs at https://docs.npmjs.com/cli/v8/commands/npm-install:
npm install :
Installs the package from the hosted git provider, cloning it with git. For a full git remote url, only that URL will be attempted.
Option 2: Install from the local file system with --no-save
If that approach doesn't work for you, you can try npm install --no-save ../some-package as a build step. The --no-save makes it so it doesn't modify package.json.
Related
I have a situation where there was an update in one of npm packages I use in my project, but author didn't publish it on npmjs registry, so up to date code sits in gitlab only.
What would be the best solution to get updated version of code? I believe there is a way to add dependency to project which will be downloaded from gitlab or github public repository directly? Is it possible to compile it like in npmjs as well?
Yes, you could install a dependency from a git repository directly. As can be seen in the npm docs. You can straight install a Git Remote repository like this:
npm install <git remote url>
e.g.
npm install git://github.com/npm/cli.git
But beware that installing directly from the source git might have unintended side effects (missing build files, additional documentation files in general changes to the npmjs Version).
Also installing from the repository I would recommend you install from a specific commit/Tag.
I'm more familiar with the Python ecosystem at this point and have a question about how I can do something with npm that I'm used to doing with pip.
Let's say I have a wheel for a particular Python package, as well as a wheel file for each of the Python package's dependencies. And let's say I have all these wheel files in a folder called /path/to/wheel/files. To install this package and all of its dependencies, I could run something like pip install /path/to/wheel/files/*.whl --no-deps, where --no-deps keeps me from having to install the various dependencies in the proper order.
Does npm have an equivalent to this? I'm using npm-offline-packager to create a tarball that contains a Node package (as its own tarball) and all of its dependencies (as their own tarballs). I know I can tell npm install to install a particular tarball. However, when I do this, it tries pulling in the required dependencies from the online NPM registry instead of pulling in the dependencies from the tarballs I already have.
Ideally, I'd like npm install to use the tarballs to add the main package to my project's package.json while adding the package's dependencies to my project's package-lock.json. And of course, I'd also like the main package and all its dependencies to be installed to my project's node_modules directory as well.
TL;DR Does npm have something equivalent to pip install /path/to/wheel/files/*.whl --no-deps?
I'm responding to my own question here, but note that my answer is only applicable to my particular use case and may not be applicable in general.
For my use case, I have access to two computers: one that has access to the internet and one that doesn't. For the machine that doesn't have access to the internet, I was attempting to use Verdaccio as a way of creating a self-hosted NPM registry. However, publishing packages to Verdaccio wasn't working because it kept trying to pull in the package's dependencies from the public NPM repository. The solution was to remove all references to "npmjs" in Verdaccio's config file (which, for me, Verdaccio created at ~/.config/verdaccio/config.yaml).
So, in case anyone needs to do development on a machine that doesn't have access to the internet, the process for setting up Verdaccio looks something like this:
On the machine that has access to the internet, create an NPM project using npm init (I called my project "verdaccio_runner"). The reason I did this is because, without already having an NPM registry on the machine that doesn't have access to the internet, it was hard doing a global install of Verdaccio.
Run npm install verdaccio to install Verdaccio to the NPM project that was created in the previous step.
Transfer this project over to the machine that doesn't have access to the internet.
Once it's transferred over, run Verdaccio from the project like this: npx verdaccio.
Quit out of Verdaccio.
Remove all references to "npmjs" from the config file that Verdaccio created (again, mine was at ~/.config/verdaccio/config.yaml).
Run Verdaccio again to pull in those changes.
Tell NPM where your private registry is: npm config set registry http://localhost:4873/.
Add yourself as a user by running npm adduser and by then filling out the information you're prompted for.
And the process for publishing packages to Verdaccio on a machine that doesn't have access to the internet looks like this:
For the package you want to install, on the machine that has access to the internet, run npo fetch <package name> --no-cache (assuming you've already done a global install of npm-offline-packager on the machine that has internet access).
Bring the tarball that npo created for you over to the machine that doesn't have internet access.
Untar the tarball.
From the directory that's created, run for file in ./*.tgz; do npm publish $file; done.
The published packages can now be npm installed to projects on the machine that doesn't have internet access.
Note: in order for Verdaccio to be accessible to other machines on the private network, I also had to add the following to Verdaccio's config file:
listen:
0.0.0.0:4873
We have multiple developers and an npm package that is installed form a public repository on github. while all developers usually have a github account, the CI server obviously doesn't (and usually doesn't need to).
The package from the public repository is installed using git+https://github.com/<author>/<repo>#<branch> however whenever a developer (with ssh installed) is installing another package the depencency in the package-lock.json is changed to git+ssh... which of course fails on the CI server.
is there any way to fix this behaviour?
Deleting the offending package-lock.json entry/reference and then running these two commands did the trick for me:
git config --global url."https://github.com/".insteadOf git#github.com:
git config --global url."https://".insteadOf git://
With credit to this article.
When I try to run npm install, I got an error:
Could not install from "node_modules/eth-sig-util/ethereumjs-abi#git+https:/github.com/ethereumjs/ethereumjs-abi.git" as it does not contain a package.json file.
So I went to check the diff for package-lock.json, and noticed npm somehow modified
"ethereumjs-abi": "git+https://github.com/ethereumjs/ethereumjs-abi.git",
into
"ethereumjs-abi": "ethereumjs-abi#git+https://github.com/ethereumjs/ethereumjs-abi.git",
which breaks the npm install, so I'm wondering what is the meaning of placing package name before #git and why it breaks the install process.
It works after I delete the ethereumjs-abi# prefix, but it shows up after I run npm install and breaks again...
Thanks in advance!
A #git use to install the package from the git repo.
like: you fork package git repo into your Git account and you change some part of the package now you want to that install that changed package in project you can use #git+'git repo URL of your changed repo'.
here ethereumjs-abi package install from the https://github.com/ethereumjs/ethereumjs-abi.git" git repo:
"ethereumjs-abi": "git+https://github.com/ethereumjs/ethereumjs-abi.git",
Currently NPM does not run prepublish after installing a package from a Git repository.
When working with a team (i.e: I cannot ask team members to run npm install specifically on a dependent package), how can I use a package that requires a build step when installing from a Git repo?
You can try this: https://www.npmjs.com/package/npm-git-install
It requires nodegit, so you'll have to be able to install that as well on your system.