Install NPM Packages from GitHub
Introduction
NPM is a node package management tool used to download or publish node packages via the npm package registry. It comes bundled with node.js setup. npmjs offers numerous open-source packages, such as Lodash, React, and Chalk to accelerate the development process.
Often, packages are not published on the npmjs registry, but they still can be used in a node project using the npm CLI tool. This guide explains the details of installing public and private NPM packages from GitHub.
Install Packages From Github
The npm command can install public packages from npmjs registry using the install command:
1npm install package-name package-name2
2# or
3npm i package-name package-name2Sometimes packages are not published on the npmjs registry, but it can still be installed using npm. The npm tool can access and install any public node project as a dependency from GitHub:
1npm i https://github.com/user_name/node_project_nameThe npm command will try to install the package using git clone. The npm command can also install the package from different GitHub repository states using a commit hash value, which can be used to install the package with a commit id:
1npm install use_name/node_project#commitNote: The
@symbol represents thenpmscope, a technique to group all the dependencies of a user or org in a folder. A package name without@and withname\namepattern will be treated as a GitHub package repository.
The branch name can be used to install a branch as a package:
1npm install use_name/node_project#branch_nameSimilarly, the tag or version names can be used to install a specific version of a GitHub package:
1npm install use_name/[email protected] #user_name/[email protected]
2npm install use_name/[email protected] #user_name/[email protected]gist can also be added using the id of a gist:
1npm install gist/gist_idInstall Private Packages From Github
An npm package can be installed from a private GitHub repository using an SSH repository link. SSH links are only available to logged-in users and can be used to access the private repositories of your GitHub. The SSH protocol uses a public key cryptography algorithm to authenticate the command to access GitHub repositories, and it needs to be configured with the GitHub account using the SSH keys. A private GitHub repository can be installed using the git+ssh as protocol:
1npm install git+ssh://[email protected]:user_name/node_project.gitNote: A GitHub package must have a meaningful
package.jsonfile to be installed as a package.
Addtional NPM Installation flags
The npm install command also provides many other features. For example, range can used to install a package with a given range for the version:
1npm install use_name/node_project">=1.0.0 <=2.0.0"Versions are often based on semver. --force will install a package from the remote package repository:
1npm install pacakge_name --forceglobal packages are installed in the global npm package folder, which is accessible to every project:
1npm install pacakge_name -globalThe --ignore-scripts flag is used to skip the execution of npm-scripts block.
And finally, the uninstall command is used to remove the dependencies from local projects, and the -g flag is used to remove global dependencies.
Tips
- A specific branch can also be installed using:
1https://github.com/{USER}/{REPO}/tarball/{BRANCH}- Consider reading the repository license carefully before using any dependency.
- Find useful insights on npmtrends.
- Use the Bit tool to distribute components from a project as a stand-alone package.
- Use a short alias like
npm i package-namewithnpmversion 5 or above without the--saveoption.npm5+ will automatically add the package as a dependency.
Conclusion
The npm installation from GitHub is quite useful for testing packages. It also gives the flexibility to install any specific branch, version, tag, and so on. Happy coding!
Learn More
Explore these GitHub courses from Pluralsight to continue learning: