Local Dependency Management with NPM

Recently, I've started abstracting similar code from different projects into shared repositories. Doing so has created enormous benefits in terms of maintainability and testability but has also created the new challenge of versioning this shared repository and ensuring ease of configuration when on-boarding new people.

This is one of the problems that NPM seeks to solve, however, if you don't want your code to be available to everyone you'll need to shell out for for private repos or roll your own. Fortunately there's a simple solution: point your package.json to install modules directly from github.

By prefixing any github repository with git+ssh://, you can use NPM to install modules directly. For example, if you wanted to install superagent from github directly, you would simply run npm install --save git+ssh://[email protected]:visionmedia/superagent.git. This method also works for github private repos as long as you have access to them and you're setup with ssh keys.

An important note with this method: NPM will only know to update the module if the version number in package.json is changed, so anytime you make changes to the module, be sure to increment the version number. That way anyone on your team can simply npm install and receive the most up-to-date changes. If that isn't acceptable, you can also peg the module to specific git tags or commit hashes with the @ or # symbols respectively.

Finally, if you're doing active development on a module while using it in a project, you can run npm link <module directory> to symlink your local development directory to whichever project uses the module. As a bonus, tools like watchify will automatically follow the symlink and watch the module files for changes.