`npm link` should check for installed packages before querying the npm registry #1182

augustl opened this Issue Jul 24, 2011 · 7 comments


None yet

7 participants


When I npm link a package with a dependency that I have installed via npm link or a tarball, that isn't in the npm registry, npm fails.

Update 1:
Seems like npm link will npm install itself post link, to handle dependencies. And npm install doesn't seem to check if a dependency of a package is already installed before querying the registry. So that's the only fix needed it seems.

Update 2:
targetResolver in npm install only checks for existing installs in node_modules of the package from where npm link is executed. As seen below, this means it won't find packages that has been linked, since linking installs to ~/local/node/lib/node_modules.

So a sensible fix as far as I know would be to have targetResolver do a full scale check - i.e. NODE_PATH and node_modules in all parent directories.

Piggybacking on require.resolve is probably not a good idea, as some packages might only have a bin/ for example, and is not requireable.

How to reproduce

In ~/package-foo/package.json:

    "name": "package-foo",
    "version": "0.5.0"

In ~/package-bar/package.json:

    "name": "package-bar",
    "version": "0.5.0",
    "dependencies": {
        "package-foo": "*"

Then run:

$> cd ~/package-foo
$> npm-link
../local/node/lib/node_modules/package-foo -> /home/augustl/package-foo
$> cd ~/package-bar
$> npm link
npm ERR! 404 'package-foo' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it.
npm ERR! 404 Note that you can also install from a tarball or folder.
npm ERR! 
npm ERR! System Linux 2.6.39-ARCH
npm ERR! command "node" "/home/augustl/local/node/bin/npm" "link"
npm ERR! cwd /home/augustl/sandbox/package-bar
npm ERR! node -v v0.4.8
npm ERR! npm -v 1.0.20
npm ERR! 
npm ERR! Additional logging details can be found in:
npm ERR!     /home/augustl/package-bar/npm-debug.log
npm not ok

+1. This is similar to the issue I raised in #1024. I have worked around this by commenting out the dependencies in the packages that I want to link... but this isn't ideal.


Thanks for the workaround, sounds like a sensible temporary "fix".


+1 This keeps me from using npm offline.

npm member

In general, I'd like to be able to make the following guarantees:

  1. If the registry is set to null, or a registry request returns a 404, but it's in the cache already, then cache.add should return the existing data, rather than failing. (Ie, treat 404s as a 304, if we had some kind of data.)
  2. If npm.config.get("link") is true, and the global package is suitable, then it should not contact the registry for any reason. That is, don't even fetch the available versions from the registry in that case, just use whatever's linked.
  3. npm link should imply the --link flag when it does the local install.
@isaacs isaacs added a commit that referenced this issue Dec 7, 2011
@isaacs isaacs Reproduction for #1182 759c1fa

Is there any way to execute npm link without implying an npm install?

@othiym23 othiym23 added bug link labels Oct 19, 2015

@tomekwi No, there isn't.


it would be awesome if there was a flag for npm link so that the local package gets linked without checking dependencies at all.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment