69

Say you want to install a library lib-a which has dependencies dep-1 and dep-2. If lib-a has declared in its package.json to use a version of dep-2 that is out of date (say it doesn't work on node 0.8.0 which just came out), but there is a branch of dep-2 that works with node 0.8.0 - branch name node0.8.0.

So the packages in the equation are:

git://github.com/user-a/lib-a
git://github.com/user-b/dep-1
git://github.com/user-c/dep-2
git://github.com/user-c/dep-2#node0.8.0

Is there a way to tell NPM to install lib-a, but use dep-2#node0.8.0 instead of dep-2?

With NPM you can install a specific branch of a project like this:

npm install git://github.com/user-c/dep-2#node0.8.0

And if I were to customize the package.json of lib-a, you could tell it to use dep-2#node0.8.0 like this:

{
  "name": "lib-a",
  "dependencies": {
    "dep-1": ">= 1.5.0",
    "dep-2": "git://github.com/user-c/dep-2#node0.8.0"
  }
}

By modifying the package.json you can then run

npm install lib-a

and it will install the node 0.8.0 compatible dep-2 branch. But, that requires I have access to modifying lib-a, which for my specific case I don't. Technically, I could fork lib-a and make the above change to package.json. But in my specific case, lib-a is a dependency of another library, so I'd have to fork the project it's referenced in, and on and on...

So the question is, is there a way to tell NPM to install lib-a, and tell it to use the node0.8.0 branch of dep-2? Something like this:

npm install lib-a --overrides dep-2:git://github.com/user-c/dep-2#node0.8.0

That would be awesome. If it's not possible, that would be good to know so I can prepare myself to have to fork/customize the chain of projects.

Lance
  • 75,200
  • 93
  • 289
  • 503

1 Answers1

46

NPM install syntax:

npm install (with no args in a package dir)
npm install <tarball file>
npm install <tarball url>
npm install <folder>
npm install [@<scope>/]<name> [--save|--save-dev|--save-optional] [--save-exact]
npm install [@<scope>/]<name>@<tag>
npm install [@<scope>/]<name>@<version>
npm install [@<scope>/]<name>@<version range>
npm i (with any of the previous argument usage)

so you can choose one of these methods to install your modules.

The case of the simplest way to install a specific version is this one:

npm install module@0.0.2

more info: https://docs.npmjs.com/cli/install

micnic
  • 10,915
  • 5
  • 44
  • 55
  • 10
    It looks like if you install the dependency first, then the other libraries that require that dependency won't download their own. That solves the problem! Thanks! – Lance Jun 27 '12 at 23:45
  • 2
    Is that correct? I tried npm -g install /path/to/my/fork-with-fix and then npm -g install package-which-should-use-forked-dependency-with-fix and ... it still downloads official version. – Maciej Łopaciński Jul 14 '13 at 19:19
  • Have a look at `npm link`. – knownasilya Jan 06 '14 at 17:44
  • 17
    Yeah, this answer really doesn't answer the question as I understand it at all. Lance Pollard's comment above seems to be the answer but I'm not sure under what circumstances I should be able to count on that behaviour. c.f. http://stackoverflow.com/questions/15806152/how-do-i-override-nested-npm-dependency-versions which discusses `npm shrinkwrap` as another potential solution – natevw Jan 28 '14 at 21:21
  • 2
    Looks like the behaviour @LancePollard's discovered in his comment is documented by https://npmjs.org/doc/cli/npm-install.html#ALGORITHM — if an alternate (but still "satisfying") dependency is already installed "further up the tree" as it were, then the buggy one will mercifully NOT get installed as a sub-submodule. – natevw Jan 28 '14 at 21:34
  • @LancePollard has the right idea, but doesn't explain it fully. As an example, I was trying to install underscore-cli. It is broken OOTB because the version of commander is newer. Specifying which version of commander to use was accomplished with: npm install -g commander@1.0.5 underscore-cli. Using Maciej Łopaciński's example: npm -g install /path/to/my/fork-with-fix package-which-should-use-forked-dependency-with-fix should probably work. – Ryan Beesley May 15 '14 at 02:42
  • I was trying `npm install module 0.0.2` since morning. You saved my day. +1. – RBT May 24 '17 at 00:21
  • Updated link to npm install algorithm: https://docs.npmjs.com/cli/install#algorithm – thisismydesign Feb 06 '20 at 10:28