Depend on a branch or tag using a git URL in a package.json?
GitDependenciesNpmBranchGit TagGit Problem Overview
Say I've forked a node module with a bugfix and I want to use my fixed version, on a feature branch of course, until the bugfix is merged and released.
How would I reference my fixed version in the dependencies of my package.json?
Git Solutions
Solution 1 - Git
From the npm docs, using a git URL:
git://github.com/<user>/<project>.git#<branch>
git://github.com/<user>/<project>.git#feature\/<branch>
As of NPM version 1.1.65, you can use a shorten github URL:
<user>/<project>#<branch>
UPDATE 2022
Don't use git:// protocol for GitHub, as it is not supported
npm ERR! The unauthenticated git protocol on port 9418 is no longer supported.
npm ERR! Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
Solution 2 - Git
per @dantheta's comment:
> As of npm 1.1.65, Github URL can be more concise user/project. npmjs.org/doc/files/package.json.html You can attach the branch like user/project#branch
So
"babel-eslint": "babel/babel-eslint",
Or for tag v1.12.0 on jscs:
"jscs": "jscs-dev/node-jscs#v1.12.0",
Note, if you use npm --save, you'll get the longer git
From https://docs.npmjs.com/cli/v6/configuring-npm/package-json#git-urls-as-dependencies
> Git URLs as Dependencies
>
> Git urls are of the form:
>
> git+ssh://[email protected]:npm/cli.git#v1.0.27
> git+ssh://[email protected]:npm/cli#semver:^5.0
> git+https://[email protected]/npm/cli.git
> git://github.com/npm/cli.git#v1.0.27
> If #<commit-ish> is provided, it will be used to clone exactly that commit. If > the commit-ish has the format #semver:<semver>, <semver> can be any
> valid semver range or exact version, and npm will look for any tags or refs
> matching that range in the remote repository, much as it would for a registry
> dependency. If neither #<commit-ish> or #semver:<semver> is specified, then
> master is used.
> GitHub URLs
>
> As of version 1.1.65, you can refer to GitHub urls as just "foo":
> "user/foo-project". Just as with git URLs, a commit-ish suffix can be
> included. For example:
>
> JSON > { > "name": "foo", > "version": "0.0.0", > "dependencies": { > "express": "expressjs/express", > "mocha": "mochajs/mocha#4727d357ea", > "module": "user/repo#feature\/branch" > } >}
Solution 3 - Git
If you want to use devel or feature branch, or you haven’t published a certain package to the NPM registry, or you can’t because it’s a private module, then you can point to a git:// URI instead of a version number in your package.json:
"dependencies": {
"public": "git://github.com/user/repo.git#ref",
"private": "git+ssh://[email protected]:user/repo.git#ref"
}
The #ref portion is optional, and it can be a branch (like master), tag (like 0.0.1) or a partial or full commit id.
Solution 4 - Git
On latest version of NPM you can just do:
npm install gitAuthor/gitRepo#tag
If the repo is a valid NPM package it will be auto-aliased in package.json as:
"NPMPackageName": "gitAuthor/gitRepo#tag"
}```
If you could add this to @justingordon 's answer there is no need for manual aliasing now !
Solution 5 - Git
If it helps anyone, I tried everything above (https w/token mode) - and still nothing was working. I got no errors, but nothing would be installed in node_modules or package_lock.json. If I changed the token or any letter in the repo name or user name, etc. - I'd get an error. So I knew I had the right token and repo name.
I finally realized it's because the name of the dependency I had in my package.json didn't match the name in the package.json of the repo I was trying to pull. Even npm install --verbose doesn't say there's any problem. It just seems to ignore the dependency w/o error.