Last month, we introduced slc, a command line tool that ships with the StrongNode distribution for building and managing applications. It’s a Swiss-Army knife tool that provides commands for scaffolding, debugging, testing and documenting Node.js source code. With today’s release of StrongNode Beta 3, we are introducing new functionality to the command-line tool that lets you install packages from the StrongLoop Node repository, the community repo and/or a private repo. That’s right StrongNode now has support for private repos!
What does support private npm servers mean?
Just like it says on the tin. We’ve added functionality to slc so that it is now possible to download packages from multiple npm servers.
Why did we build support for multiple npm servers?
Even though at the core of the StrongNode distribution are a set of vetted and supported modules, we wanted to make it possible for users to still take advantage of the modules offered by the community and those which might be maintained in private repositories. A perfect example where this might be valuable would be a company that is building a Node application and has decided to build its own modules. They’ve also decided to maintain them in a private repo. While this company doesn’t necessarily want to share these modules with the public, it still wants the ability to pull in modules from the community npm and the StrongNode repo.
How does support for multiple npm servers work?
Behind the scenes, to make npm query both the StrongLoop and the “official” npm registry, we’ve extended the way npm parses the
registry configuration option. Previously, the registry option was simply supposed to be an url. With our changes it is now also possible to make the options into a hash table, which allows you to specify per-repository configurations. That means you can add something like the following to your .npmrc file:
url = https://registry.npmjs.org/
priority = 1
_auth = XVzOnBhbm5la29lazEzcGpyY2lzYXVyZ
email = email@example.com
url = https://registry.mycompany.com/
install-priority = 100
publish-priority = 0
priority option may need some explanation. When npm is installing a package, it’ll start querying the registry with the highest priority. If a requested package isn’t found in the preferred registry, it’ll search other registries as well. When publishing a module, it’ll simply pick the registry with the highest priority.
It is also possible to override the priority used for a specific purpose with the
publish-priority options. This lets you publish to a particular repository while preferring another when installing packages.
By default, the slc command-line tool queries the StrongLoop repository first and then the community npm. By default, the slc command-line tool queries the StrongLoop repository first and then the community npm. You’ll want to note that the “install” and “list” commands will warn you if a module is not supported in the StrongNode distro.
There are some rough edges left that we’ll work out in the near future. For example, it is currently not possible to manually override the repository to operate against. That means that authenticating yourself with a particular repository currently isn’t easy. Also notice that, although we intend to make this feature available in the official npm client, it hasn’t gotten there yet, and is currently available only in the slnode client. We’ve modified the npm client to support multiple npm repos, but that’s only half the equation. In a follow on blog post we’ll go over how to set up your own private repository. Let us know what you think!