Erin Heinz

Installing a Private Github Dependency Via Npm

January 16, 2020

2 min read

Make sure that your library is configured at the root of your repository.
- Has a package.json with dependencies.
Configure the package.json at the root of the project to build the library upon installation using a prepare script in the scripts tags
- “prepare”: “npm run build”
- This will generate a dist folder when upon library installation.
Make sure that you have a .npmignore file See reference.
- This can just be an empty file.
- This will prevent npm from ignoring the dist directory upon installation.

Clone the repository that you would like to use your library within
Create a Private Access Token for yourself
- Generate the Access token for HTTPS: Settings > Developer Settings > Personal Access Tokens.
- When creating your token, make sure that the repo permission checkbox is selected.
Reference your library in your parent project
- Find the package.json in your parent project
- Add a link to your github project in format listed below
- Make sure that the name in your library’s package.json matches the name of the library that you are importing. See reference. This is important since you are using git links
[Optional] Configure a company user who has read only access to your private library repository.
- Following Step #2, generate a read-only token for this user. This an be used in your project’s git dependency link.
- Since this is a read-only access token which is committed to a private repository, there is minimal security risk.
- This can also be used on the Jenkins server with no configuration

{
  "dependencies": {
    "[package_name]": "git+https://[personal_token]:x-oauth-basic@github.com/[user]/[project].git#[commit-ish]"
  }
}

The commit-ish can be: