node.js 如何使用私有 Github 存储库作为 npm 依赖项
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/28728665/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use private Github repo as npm dependency
提问by ryanve
How do I list a private Github repo as a "dependency"in package.json? I tried npm's Github URLssyntaxes like ryanve/example, but doing npm installin the package folder gives "could not install" errors for the private dependencies. Is there a special syntax (or some other mechanism) for depending on private repos?
如何将私有 Github 存储库列为"dependency"in package.json?我尝试了npm 的 Github URLs语法,例如ryanve/example,但是npm install在包文件夹中执行会为私有依赖项提供“无法安装”错误。是否有依赖私有存储库的特殊语法(或其他一些机制)?
回答by ryanve
It can be done via https and oauthorssh.
它可以通过https 和 oauth或ssh 完成。
https and oauth:create an access tokenthat has "repo" scope and then use this syntax:
https 和 oauth:创建一个具有“repo”范围的访问令牌,然后使用以下语法:
"package-name": "git+https://<github_token>:[email protected]/<user>/<repo>.git"
or
或者
ssh:setup sshand then use this syntax:
ssh:设置 ssh,然后使用以下语法:
"package-name": "git+ssh://[email protected]:<user>/<repo>.git"
(note the use of colon instead of slash before user)
(注意在用户之前使用冒号而不是斜线)
回答by Steve M
If someone is looking for another option for Git Lab and the options above do not work, then we have another option. For a local installation of Git Lab server, we have found that the approach, below, allows us to include the package dependency. We generated and use an access token to do so.
如果有人正在为 Git Lab 寻找另一种选择,而上述选项不起作用,那么我们还有另一种选择。对于 Git Lab 服务器的本地安装,我们发现下面的方法允许我们包含包依赖项。我们生成并使用访问令牌来执行此操作。
$ npm install --save-dev https://git.yourdomain.com/userOrGroup/gitLabProjectName/repository/archive.tar.gz?private_token=InsertYourAccessTokenHere
Of course, if one is using an access key this way, it should have a limited set of permissions.
当然,如果以这种方式使用访问密钥,它应该具有一组有限的权限。
Good luck!
祝你好运!
回答by equivalent8
With git there is a https format
使用 git 有一个 https 格式
https://github.com/equivalent/we_demand_serverless_ruby.git
This format accepts User + password
这种格式接受用户+密码
https://bot-user:[email protected]/equivalent/we_demand_serverless_ruby.git
So what you can do is create a new user that will be used just as a bot,
add only enough permissions that he can just read the repository you
want to load in NPM modules and just have that directly in your
packages.json
因此,您可以做的是创建一个将用作机器人的新用户,仅添加足够的权限,以便他可以读取您要加载到 NPM 模块中的存储库,然后直接将其添加到您的
packages.json
Github > Click on Profile > Settings > Developer settings > Personal access tokens > Generate new token
In Select Scopes part, check the on repo: Full control of private repositories
在 Select Scopes 部分,检查 on repo: Full control of private repositories
This is so that token can access private repos that user can see
这是为了使令牌可以访问用户可以看到的私有存储库
Now create new group in your organization, add this user to the group and add only repositories that you expect to be pulled this way (READ ONLY permission !)
现在在您的组织中创建新组,将此用户添加到该组并仅添加您希望以这种方式拉取的存储库(只读权限!)
You need to be sure to push this config only to private repo
您需要确保仅将此配置推送到私有仓库
Then you can add this to your / packages.json (bot-user is name of user, xxxxxxxxx is the generated personal token)
然后你可以把它添加到你的/packages.json(bot-user是用户名,xxxxxxxxx是生成的个人令牌)
// packages.json
{
// ....
"name_of_my_lib": "https://bot-user:[email protected]/ghuser/name_of_my_lib.git"
// ...
}
https://blog.eq8.eu/til/pull-git-private-repo-from-github-from-npm-modules-or-bundler.html
https://blog.eq8.eu/til/pull-git-private-repo-from-github-from-npm-modules-or-bundler.html
