How to use private Github repo as npm dependency
It can be done via https and oauth or ssh.
https and oauth: create an access token that has "repo" scope and then use this syntax:
"package-name": "git+https://<github_token>:x-oauth-basic@github.com/<user>/<repo>.git"
or
ssh: setup ssh and then use this syntax:
"package-name": "git+ssh://git@github.com:<user>/<repo>.git"
(note the use of colon instead of slash before user)
If someone is looking for another option for Git Lab and the options above do not work, then we have another option. For a local installation of Git Lab server, we have found that the approach, below, allows us to include the package dependency. We generated and use an access token to do so.
$ npm install --save-dev https://git.yourdomain.com/userOrGroup/gitLabProjectName/repository/archive.tar.gz?private_token=InsertYourAccessTokenHere
Of course, if one is using an access key this way, it should have a limited set of permissions.
Good luck!
With git there is a https format
https://github.com/equivalent/we_demand_serverless_ruby.git
This format accepts User + password
https://bot-user:xxxxxxxxxxxxxxxxxxxxxxxxxxx@github.com/equivalent/we_demand_serverless_ruby.git
So what you can do is create a new user that will be used just as a bot, add only enough permissions that he can just read the repository youwant to load in NPM modules and just have that directly in yourpackages.json
Github > Click on Profile > Settings > Developer settings > Personal access tokens > Generate new token
In Select Scopes part, check the on repo: Full control of private repositories
This is so that token can access private repos that user can see
Now create new group in your organization, add this user to the group and add only repositories that you expectto be pulled this way (READ ONLY permission !)
You need to be sure to push this config only to private repo
Then you can add this to your / packages.json (bot-user isname of user, xxxxxxxxx is the generated personal token)
// packages.json{ // .... "name_of_my_lib": "https://bot-user:xxxxxxxxxxxxxxxxxxxxxxxxxxx@github.com/ghuser/name_of_my_lib.git" // ...}
https://blog.eq8.eu/til/pull-git-private-repo-from-github-from-npm-modules-or-bundler.html