Skip to content

Instantly share code, notes, and snippets.

@jrburke

jrburke/gist:9101268

Created February 19, 2014 20:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jrburke/9101268 to your computer and use it in GitHub Desktop.
Save jrburke/9101268 to your computer and use it in GitHub Desktop.
Download ZIP
npm once
Raw
gistfile1.md

I have a node project. I want to use npm once to fetch a dependency, but from then on, do not depend on the npm registry. The packages installed may need to be compiled/built on different operating systems, not all the packages are pure JS.

I do not want an npm mirror, as I do not need all of npm. I just need the specific versions of the packages I need in my project. I would always set dependency versions to exact version numbers, and would explicitly do version upgrades when I needed. My ideal work flow:

mkdir project-node_modules
cd project-node_modules
mkdir node_modules

# install a bunch of packages, but only in source form, no building
npm install --ignore-scripts foo

# now commit project-node_modules to github.

Then in my actual project, I would fetch a zip file from github at a certain github commit for project-node_modules and install it locally as project/node_modules, then run all the build/scripts that npm install would normally do, but without trying to fetch anything from an npm registry.

It seems like npm rebuild is for that purpose, but it is still unclear to me that these two things:

npm install --ignore-scripts foo
# later
npm rebuild

is the same as (just time delayed in between) as:

npm install foo
@domenic
Copy link

domenic commented Feb 19, 2014

You should just be able to do

npm install --ignore-scripts foo
# later
npm install

@adamalex
Copy link

I really want this too! The main barrier seems to be that --ignore-scripts doesn't prevent native compilation.

$ npm install --ignore-scripts bcrypt
npm http GET http://registry.npmjs.eu/bcrypt
npm http 304 http://registry.npmjs.eu/bcrypt
npm http GET http://registry.npmjs.eu/bindings/1.0.0
npm http 304 http://registry.npmjs.eu/bindings/1.0.0

> bcrypt@0.7.7 install /Users/adam/Downloads/temp/node_modules/bcrypt
> node-gyp rebuild

  CXX(target) Release/obj.target/bcrypt_lib/src/blowfish.o
  CXX(target) Release/obj.target/bcrypt_lib/src/bcrypt.o
  CXX(target) Release/obj.target/bcrypt_lib/src/bcrypt_node.o
  SOLINK_MODULE(target) Release/bcrypt_lib.node
  SOLINK_MODULE(target) Release/bcrypt_lib.node: Finished
bcrypt@0.7.7 node_modules/bcrypt
└── bindings@1.0.0
$

@jrburke
Copy link
Author

jrburke commented Feb 19, 2014

@adamalex: I'm OK if there is a native compile I suppose (although a bit wasteful to commit that stuff in), but as long as it is properly recompiled later, which npm install later does seem to do in a quick test. Thanks @domenic, I'll give that pathway a try.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment