NPM is a node package management tool used to download or publish node packages via the npm package registry. It comes bundled with node.js
setup. npmjs
offers numerous open-source packages, such as Lodash, React, and Chalk to accelerate the development process.
Often, packages are not published on the npmjs
registry, but they still can be used in a node project using the npm
CLI tool. This guide explains the details of installing public and private NPM packages from GitHub.
The npm
command can install public packages from npmjs
registry using the install
command:
1npm install package-name package-name2
2# or
3npm i package-name package-name2
Sometimes packages are not published on the npmjs
registry, but it can still be installed using npm
. The npm
tool can access and install any public node project as a dependency from GitHub:
1npm i https://github.com/user_name/node_project_name
The npm
command will try to install the package using git clone
. The npm
command can also install the package from different GitHub repository states using a commit
hash value, which can be used to install the package with a commit id:
1npm install use_name/node_project#commit
Note: The
@
symbol represents thenpm
scope, a technique to group all the dependencies of a user or org in a folder. A package name without@
and withname\name
pattern will be treated as a GitHub package repository.
The branch
name can be used to install a branch as a package:
1npm install use_name/node_project#branch_name
Similarly, the tag
or version
names can be used to install a specific version of a GitHub package:
1npm install use_name/node_project@tag #user_name/node_project@release
2npm install use_name/node_project@version #user_name/[email protected]
gist
can also be added using the id of a gist
:
1npm install gist/gist_id
An npm
package can be installed from a private GitHub repository using an SSH repository link. SSH links are only available to logged-in users and can be used to access the private repositories of your GitHub. The SSH protocol uses a public key cryptography algorithm to authenticate the command to access GitHub repositories, and it needs to be configured with the GitHub account using the SSH keys. A private GitHub repository can be installed using the git+ssh
as protocol:
1npm install git+ssh://[email protected]:user_name/node_project.git
Note: A GitHub package must have a meaningful
package.json
file to be installed as a package.
The npm
install command also provides many other features. For example, range
can used to install a package with a given range for the version:
1npm install use_name/node_project">=1.0.0 <=2.0.0"
Versions are often based on semver. --force
will install a package from the remote package repository:
1npm install pacakge_name --force
global
packages are installed in the global npm package folder, which is accessible to every project:
1npm install pacakge_name -global
The --ignore-scripts
flag is used to skip the execution of npm-scripts
block.
And finally, the uninstall
command is used to remove the dependencies from local projects, and the -g
flag is used to remove global dependencies.
1https://github.com/{USER}/{REPO}/tarball/{BRANCH}
npm i package-name
with npm
version 5 or above without the --save
option. npm
5+ will automatically add the package as a dependency.The npm
installation from GitHub is quite useful for testing packages. It also gives the flexibility to install any specific branch, version, tag, and so on. Happy coding!
Explore these GitHub courses from Pluralsight to continue learning: