npm install dependencies of local modules - npm

I'm having trouble using npm with a local module. My project's structure looks like:
package.json
local_module/
- package.json
- gulpfile.json
gulpfile.js
The main project's package.json is essentially:
{
"dependencies": {
"local_module": "file:local_module"
},
"devDependencies": {
"gulp": "..."
}
}
The local module's package.json is essentially:
{
"scripts": {
"prepublish": "gulp release"
},
"devDependencies": {
"gulp": "..."
}
}
My intention is keep my project modular by keeping local_module as its own package that is used as a dependency for the main project. I want to run npm install in the main project and use local_module from node_modules. However, local_module needs gulp installed to run the prepublish step, and when running npm install from the main project, it does not install the dependencies for local_module, and so gulp isn't installed, so it can't do the prepublish step.
Several questions like this have been asked, like NPM doesn't install module dependencies, but many are old and there are so many versions of npm that I can't get a clear solution.
How can I get npm to install local_module's dependencies before the prepublish step? I tried adding a preinstall step for the main project, e.g.
"preinstall": "cd local_module && npm install"
But it seems npm tries to run the prepublish step of local_module before running the preinstall for the main project. I want a solution that will do this in one npm install step rather than having a separate step before this to do npm install in the local module.

I have found a solution that will work for me in the immediate future. I changed local_module's package.json to:
{
"scripts": {
"prepublish": "npm install --ignore-scripts && gulp release"
},
"devDependencies": {
"gulp": "..."
}
}
When npm install is run from the main project, the prepublish step is run first in local_module, so I force prepublish to also do an install so that gulp is available to do the actual prepublish step. This is hardly ideal however.

Related

What is the best way to build TS assets in a NPM package

I have a NPM package with TypeScript based React components. When the package is installed, I would like to run a script that essentially runs tsc to compile the TS files, then delete the src folder when done.
// Excerpt from package.json
"scripts": {
"build": "rm -rf ./dist && tsc",
"install": "tsc",
"postinstall": "rm -rf ./src tsconfig.json"
},
However, I noticed that the install hook always runs, whether you're running npm install git+ssh://git#github.com:sparkbuzz/react-components.git but also when you run npm install from within the package (during development for example)
Is there a way to ensure the install script is only executed when the NPM package is remotely installed?

Can "NPM -i" (local) install a global package without i know it?

I'm ok with local dependencies that packages install. But now I have a huge concerns about if a local installed package can install other global packages as dependencies.
as example:
npm install nunjucks
npm install sqlite
or
npm install botkit
It is not possible to mark a dependency as global in package.json, so that it is installed system-wide when you run npm i.
Here's an old comment by Isaac Schlueter stating that this will never be implemented.
Hooowever, it would be really simple to write a preinstall script to install arbitary dependencies globally.
{
"name": "Project",
"version": "1.0.0",
"description": "Preinstall script to install global deps",
"main": "index.js",
"scripts": {
"preinstall": "node -e \"const {execSync} = require('child_process'); JSON.parse(fs.readFileSync('package.json')).globalDependencies.forEach(globalDep => execSync('npm i -g ' + globalDep));\""
},
"dependencies": {
"react": "16.13.1"
},
"globalDependencies": [
"lodash"
],
"license": "ISC"
}
Copy this code into a package.json file in a folder on your PC. Then, in the folder run npm i. It will install React locally (in a node_modules folder) and it will install lodash globally.
You can verify this using: npm i ls -g --depth=0.
Reference: Install dependencies globally and locally using package.json
As to your question:
Can npm -i (local) install a global package without me knowing it?
It's not entirely silent. When running npm i for the above package.json file, you would see the following output:
> Project#1.0.0 preinstall /home/jim/Desktop/Project
> node -e "const {execSync} = require('child_process'); JSON.parse(fs.readFileSync('package.json')).globalDependencies.forEach(globalDep => execSync('npm i -g ' + globalDep));"
npm WARN Project#1.0.0 No repository field.
audited 6 packages in 1.113s
found 0 vulnerabilities
But whether you would catch this when running npm i on a large project is debatable.

run npm script after package installing

I have a simple git repository https://github.com/alexey-sh/test_webpack_with_npm
I want to use it as npm dependency but without publishing in npm.
So in other words I want to install the package in my another repository as dependency.
npm i --save git+https://github.com/alexey-sh/test_webpack_with_npm.git
But I want to use a modern js in my test_webpack_with_npm project and compile it into old javascript after package installation process. To achieve it I created npm scripts (test_webpack_with_npm package)
"scripts": {
"install": "npm run build",
"build": "webpack --mode production --config webpack.config.js",
"test": "echo \"Error: no test specified\" && exit 1"
},
so now there's a weird thing:
if I run npm run build from test_webpack_with_npm repository I can get dist/index.js without class declaration (as I expected).
but if I install the package via the following command
npm i --save git+https://github.com/alexey-sh/test_webpack_with_npm.git
I get another type of dist/index.js and there are class declaration.
How can I install the test_webpack_with_npm properly? I want to see old js in node_modules/test_webpack_with_npm/dist/index.js.
Steps to reproduce:
mkdir my_test_project
cd my_test_project
npm init
npm i --save git+https://github.com/alexey-sh/test_webpack_with_npm.git
check node_modules/test_webpack_with_npm/dist/index.js
Thanks!
the fix is very simple. just replace exclude with include in webpack config
include: path.join(__dirname, 'sources'),
that works perfectly.
updated config goes here https://github.com/alexey-sh/test_webpack_with_npm/blob/master/webpack.config.js

Build npm-package from private git on install

I got a private bitbucket repo A that I install via npm in my project B.
npm install git+ssh://git#bitbucket.org....git
That works with no problems.
But now I would like to run a build in A after installing it.
npm in default comes with a lot of scripts for stuff like that https://docs.npmjs.com/misc/scripts
I tryed postinstall, prepare, prepublish, preinstall in my package.json in A:
...
"scripts": {
"prepublish": "npm run build",
"build": "...",
...
On installing my package A in B I get npm Error: npm ERR! premature close
I would like to run the build on install to remove build files from git (A).
In this case the build runs webpack + babel compile.
Project B is made with create-react-app.
I don't want to eject create-react-app, setup webpack or compile all node_modules packages.
Any experience with this workflow?
There is no need to eject Project B just adding your Project A as a dependency in package.json is enough. And for Project A please use "preinstall" it will run before every npm install including when you run npm install on Project B. And in my case I just tested it it working perfectly in my machine. If you encountering issue I think it might be because of the way you building it maybe? So can you show us the build script?
Use prepare since according to the NPM docs it will install dependencies and devDependencies before the package is packaged and installed.
Which is helpful if you are compiling using Typescript, or doing transforms.
...
"scripts": {
"prepare": "npm run build",
"build": "...",
...
Note: If your dist/build directory is ignored in .gitignore. Add an empty .npmignore file to your repository; otherwise the prepare script won't build the directory.
Ref: https://docs.npmjs.com/cli/install

Allow local project to depend on local lerna packages

I have a lerna repo for a project under development. It has several packages that depend on each other. To make development easier, none of the packages are published and they depend on the latest version of each other.
Directory tree
foo/
packages/
core/
package.json
errors/
package.json
foo/packages/core/package.json
{
...
dependencies: {
"#foo/errors": "*"
}
}
I have another project, bar, that I'm using to test the lerna project. Currently I'm linking to its dependencies using a local file: dependency:
bar/package.json
{
...
dependencies: {
"#foo/core": "../foo/packages/core"
}
}
This approach has given me a world of trouble.
Using npm, I'm constantly hit with ENOENT .DELETE errors. Removing my package-lock.json and reinstalling has taken years off my life.
Using yarn, I've been unable to yarn install in bar. Yarn follows the file: dependency to #foo/core, sees that it depends on #foo/errors and doesn't know about lerna's symlink. This causes it to fail, telling me it can't find #foo/errors.
This has made writing actual code for this project secondary to this mess of dependency management.
How can I make this (I feel fairly simple?) project structure work? Open to lerna/yarn/npm/pnpm/shell scripts/MS DOS at this point.
You should be able to accomplish this with npm link. Although I have not tried this using a local dependency that is not published on npm.
Directory tree
foo/
packages/
core/
package.json
errors/
package.json
bar/
package.json
foo/packages/core/package.json
{
...
dependencies: {
"#foo/errors": "*"
}
}
bar/package.json
{
...
dependencies: {
"#foo/core": "../foo/packages/core"
}
}
Run the following commands
cd foo
npx lerna clean
npx lerna bootstrap --hoist
npm run build # command to build your projects
cd packages/core
npm link
cd ../../../bar
npm i
npm link #foo/core
Removing package-lock.json files usually does more harm then good! And about not being able to find #foo/errors, if you ran npm bootstrap, #foo/core should be symlinked to #foo/errors. One possibility could be that your lerna scripts are using npm while you where running install/link with yarn.
Can you move your lerna up to a directory which hold both 'foo' and 'bar'?
Is that possible?
root/
foo/
packages/
core/
package.json
errors/
package.json
bar/
package.json
lerna.json
And in your lerna file, you can add your repos to packages
{
"lerna": "2.9.0",
"packages": [
"foo/packages/*",
"bar/",
],
}
Under slightly different conditions where one of the npm modules you are working is not part of your lerna repo, you can use lerna to exec the npm link command.
npx lerna exec -- npm link <npm_package_name>
This will npm link the external package in all of your lerna modules.
This should not be confused with lerna link which will do something similar for all submodules in your your lerna repo and is the current solution to the question.
Use can try like that:
foo/packages/core/package.json
{
...
dependencies: {
"#foo/errors": "file:../errors"
}
}
bar/package.json
{
...
dependencies: {
"#foo/core": "file:../foo/packages/core"
}
}