New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow NPM packages to be installed from a URL #1214
Conversation
@deepwell: Before we can merge your pull request, you'll need to sign the Meteor Contributor Agreement: https://contribute.meteor.com/ |
My philosophy here was that it's good for packages to declare their dependencies as strictly as possible, so that builds are fully reproducible. While |
Alright that's fair. My need here is to be able to install private NPM modules that cannot be published to the official NPM repository, and therefore have to be pulled in from a non npmjs.org address. An even better/simpler solution (for me) might be to use a github address with a tag (like npm) eg:
Yes people can still abuse that; however, this is exactly what the node npm package currently supports. |
@glasser, I agree fully with your goal to make builds reproducible. The ability to get an npm module from a repo is also very very important for development. Cloning a specific tag or hash allows it to be both reproducible, as well as from a repo -- any reason not to do that? |
@deepwell: Before we can merge your pull request, you'll need to sign the Meteor Contributor Agreement: https://contribute.meteor.com/ |
Oops, sorry for the meteor-bot spam. A bug on our end. You're all set. |
I'm happy with that. Should I change the patch as per my last comment? |
Is this in the most recent version? I'm needing this ability as well? Thank you. |
@deepwell: Please do not create pull requests based on the |
Update the NPM integration module to allow installing an npm package from a private URL instead of limiting it to public npm modules only.
This replaces the _isGitHubTarball() function to handle not just git tarballs, but to handle any compressed package on any server.
You then use this the same way as the current github tarball feature:
Inside your package.js file add: