docs: git repos require a package.json #7313
Comments
wraithgar
changed the title
package.json)
|
Yes the docs should be updated. There isn't likely to be any way to do this without a package.json. That assumption is pretty deeply baked into a lot of npm, and that package.json needs to have a name and version in it. Also, auto-generating would require a TON of guessing, which is something we are trying to move away from in npm. Guessing what the user wanted will never be as useful as making them be explicit. Also, in the future please use the issue template. It was only by accident that I saw this issue. Normally this would slip through the cracks because it is missing the tags and info that our issue template adds. |
wraithgar
added
Priority 2
Apologies. I skipped the template because it wasn't clear to me that "Bug/Issue" was the right place for discussion and/or feature request. Is that the template I should have used in such a case? If not, perhaps a dedicated template for feature requests or discussions would be helpful.
Sure, that is totally reasonable. Node requires it, too. There needs to be one, no question. But where it comes from is the nuance of the rest of this message/thread.
Hmm, not to be argumentative, but I don't see this as much guessing in this case. You know what name to use because it's the name of the git repo they cloned. And if repo name isn't unique enough, surely "[github username]-[github repo name]" (like "davidshimjs-qrcodejs" above) would be, right? And my code snippet above suggested If I certainly understand NOT guessing any other meta data, and the general aversion to guessing. But I felt this was a pretty narrow case to warrant me making the suggestion.
In general, sure. The exception to this is packages like the one I linked, which sadly don't have a Surely that's silly that npm is cluttered with people creating worthlessly-forked packages of a commonly used library, just to work-around lack of a In the case where we can't get the original author to be explicit, I am just wondering if a tad bit of narrow guessing can be warranted? I also want to stress that my suggestion for this auto-generation is purely opt-in via flag and/or metadata. So the user installing such a git repo tries That seems like it would be narrow enough to be safe. No? |
|
New feature suggestions usually start at https://github.com/npm/feedback/discussions then make their way to https://github.com/npm/rfcs |
|
To me, the docs are pretty clear! The docs for npm install explicitly say: A
From (g), it is implied that a Also,
This argument is a red herring and has nothing to do with your feature suggestion. @wraithgar should relabel this issue as Wontfix and close IMHO. |
The docs for
npm install <git remote url>don't explicitly say that a git repository requires apackage.jsonfile in it. They say "package" a bunch, and I guess it should be obvious that this means apackage.jsonwould be required. But it wasn't. I lost several hours today trying to figure out why such an install was failing.It now seems more obvious, given that the error message was:
But again, it didn't click for me that this meant a
package.jsonwas required. Give the file system error (ENOENT), I thought there was some sort of file system permissions problem happening, or even perhaps a network issue getting files. I tweeted about it and thankfully someone offhandedly mentioned that such repo installs require apackage.json.OK, got it, now that makes more sense. But I think the docs could make this more explicit. And I think that error message could also have been more explicit. Instead of treating it like a general file system error (ENOENT), it could just say "Required
package.jsonwas missing." or something. That would have saved me several hours of wrong troubleshooting.All that said, I specifically wanted to ask if there's some way (perhaps with an additional flag on the
installcommand) to install such packages? Is it really a hard requirement that apackage.jsonfile be provided?Would it be possible to substitute a minimal auto-generated
package.jsonif it's not found in the repo?There are many github repos out there which have the files you need already checked into the repo, and no builds or dependency installs required. So for those repositories, they have no inherent need for a
package.jsonin their own project. But if they don't add one, then consumers like me can't use it vianpm.Here's the repo I was trying and failing to install via
npm install git+git@github.com:davidshimjs/qrcodejs.git. As you can see in that repo, it has the file I need,qrcode.min.jsin it.And in this case, I don't need to use it in node, so I don't actually need a
package.jsonto use it. I only need it innode_modulesso that a bundler/build process can grab that file. But ifpackage.jsonis really needed there, perhapsnpmcould just generate a little minimal stubpackage.jsonin that case, something like:{ "auto_generated": true, "source": "github.com:davidshimjs/qrcodejs.git", "name": "qrcodejs", "version": "0.0.20240324190100" }Maybe a command like
npm install git+git@github.com:davidshimjs/qrcodejs.git --auto-package-jsoncould opt into this additional auto-generation?Moreover, it'd also be nice if there was a way to list such a repository URL in a
dependencieslist of a project, such as:{ "dependencies": { "qrcode-js": "git+git@github.com:davidshimjs/qrcodejs.git" }, "dependenciesMeta": { "qrcode-js": { "auto-package-json": true } } }The text was updated successfully, but these errors were encountered: