Skip to content

Instantly share code, notes, and snippets.

@nichoth

nichoth/npm-tricks.md

Last active September 9, 2023 00:14
Show Gist options
  • Save nichoth/1f054534a8749cefe2034a199b588948 to your computer and use it in GitHub Desktop.
Save nichoth/1f054534a8749cefe2034a199b588948 to your computer and use it in GitHub Desktop.
Download ZIP
Little things you can do with `npm`
Raw
npm-tricks.md

publish a private repo on github packages

In package.json, I usually use a postversion hook to publish to npm. Here we want to do the same thing, but we need to use a secret key because this is a private package.

create a token with read & write permissions

See this worded differently

In the repo's .env file, add the secret key. This file is ignored in git.

NPM_TOKEN="ghp_xxxxx"

In .npmrc, read the secret:

//npm.pkg.github.com/:_authToken=${NPM_TOKEN}

Expand the .env file in the npm pubish command:

{
  "scripts": {
    "postversion": "git push && git push --tags && export $(cat .env | xargs) && npm publish",
  }

Create another token with read permissions

For the server (for installing dependencies) we want a token with read permissions only. Use this when installing dependencies

"scripts": {
   "preinstall": "export $(cat .env | xargs)",
}

In github, create an access token, then add it to the local .env file.

set the registry

to use the public registry for install:

npm i <pkg name> --@my-scope:registry=https://registry.npmjs.org/

publish to both a private and public registry

{
  "scripts": {
    "postversion": "git push && git push --tags && npm run pub,
    "pub": "npm publish && export $(cat .env | xargs) && npm publish --@my-scope:registry=https://registry.npmjs.org/""
  }
}

This is assuming that the 'default' publish target is configured in publishConcifg

{
  "publishConfig": {
    "registry": "https://npm.pkg.github.com"
  },
}

Set the env variable NPM_TOKEN before installing

{
    "preinstall": "export $(cat .env | xargs)",
}

And in .npmrc

@my-scope:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${NPM_TOKEN}

list dependencies

to list dependencies:

npm ls --omit=dev --depth=0

count dependencies

to return a count of dependencies:

expr $(npm ls --omit=dev --depth=0 | wc -l) - 2

- 2 is for two lines that are automatically added to the output

prepublishOnly npm hook

Build & publish the code, without duplicating code in git:

  "scripts": {
    "test": "standard index.js",
    "pub": "npm pub && npm publish --registry https://npm.pkg.github.com",
    "build": "esbuild index.js --outfile=dist/index.cjs --platform=node --format=cjs",
    "prepublishOnly": "npm run build"
  },

Use this hook to build some source code into a distributable version when you publish to npm.

Ignore the compiled files in git .gitignore:

dist/*

Create a file .npmignore, and tell it not to ignore the compiled files:

!dist/*

misc

when installing

npm i -D some-package --legacy-peer-deps
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment