debuggable

 
Contact Us
 

Private npm modules

Posted on 8/9/11 by Felix Geisendörfer

Thanks to Isaac, npm is getting more and more awesome by the hour. One of the coolest recent additions (you need at least v1.0.26) is the ability to specify private git repositories urls as a dependency in your package.json files.

At transloadit, we are currently using the feature to move some of our infrastructure code into separate packages, allowing for those to be tested and developed in isolation making our core application easier to maintain and work on.

The syntax for referencing a git repository (and commit) is as follows:

{
  "name": "my-app",
  "dependencies": {
    "private-repo": "git+ssh://git@github.com:my-account/node-private-repo.git#v0.0.1",
  }
}

This will include a private npm module called "private-repo" from GitHub. The url also contains an optional refspec (#v0.0.1) that tells npm which branch, commit, or in this case tag you want to have checked out.

Now of course this is not the only way to do private npm repositories, but it is much simpler than running your own registry, so I would recommend it to most people.

Before you head of to play with this, here is a final tip that may safe you some headaches. In all your private npm modules, add "private": true to your package.json. This will make sure npm will never let you accidentally publish your secret sauce to the official npm registry.

Happy hacking, --fg

PS: When deploying, don't forget that you need to authorize the servers ssh key for the GitHub repository you are depending on.

 

(Theoretically) Related Posts

&nsbp;

You can skip to the end and add a comment.

Comments 6 Comments   |   Add Comment Add Comment
Bill Barnhill said on Sep 10, 2011:

Very useful tip, thank you.

Will said on Oct 03, 2011:

Thanks for the code, thats very useful for a project I've just started. Searched about a bit to find it thou lol.

Martin Wawrusch said on Nov 04, 2011:

Awesome, just awesome. Thank you, this is exactly what I needed.

Peter Host said on Dec 02, 2011:

An awesome NPM feature I missed. This is so useful, and away we go with require.paths !
thanks for this tip.

Jed Schmidt said on Dec 21, 2011:

Awesome post, Felix. You should consider adding a caveat about this npm bug: https://github.com/isaacs/npm/issues/1727

Sean Bannister said on Feb 28, 2012:

Thanks a heap was looking for exactly this and was wondering why it kept throwing errors, I was missing git+ssh.

- Sean Bannister

This post is too old. We do not allow comments here anymore in order to fight spam. If you have real feedback or questions for the post, please contact us.