Private github repo as dependency is extraneous on npm install

Question

This is my first time using a private repo as a dependency in another project. I think I am doing it right, but the dependency is not available in the new project after install and is not in node_modules.

Following this post I can see that I am including it in the package.json correctly like:

"myPackage": "git+https://github.com/myusername/mygitrepository.git"

When I run npm install on this package, I see this that it does not have an error, but after this dependency in the list, it is shown with extraneous(git+https://github.com/myusername/mygitrepository.git).

Even though there is the extraneous issue, there is no error, and the dependency is not available or listed in node_modules.

Update: repo_A package.json

{
  "name": "project-name",
  "version": "1.0.0",
  "description": "Backend utility functions",
  "scripts": {
    "test": "mocha"
  },
  "repository": {
    "type": "git",
    "url": "git+https://github.com/user/repo.git"
  },
  "author": "me",
  "license": "ISC",
  "bugs": {
    "url": "https://github.com/user/repo/issues"
  },
  "homepage": "https://github.com/user/repo#readme",
  "dependencies": {
    "lodash": "^4.17.4",
    "mongodb": "^2.2.25",
    "redis": "^2.7.1",
    "winston": "^2.3.1"
  }
}

Update: repo_B package.json

{
  "name": "main-project-name",
  "version": "1.0.0",
  "description": "",
  "repository": {
    "type": "git",
    "url": "git+https://github.com/user/repo.git"
  },
  "author": "someone else",
  "homepage": "https://github.com/user/repo.git",
  "dependencies": {
    "async": "2.1.4",
    "chai": "^3.5.0",
    "langs": "1.1.0",
    "lodash": "4.13.1",
    "node-stopwatch": "0.0.1",
    "request": "2.74.0",
    "winston-loggly": "^1.3.1",
    "utils": "user/repo_A.git#master"
  },
  "scripts": {
    "test": "mocha"
  }
}

Update for latest steps Here are the steps I am following now to test each possible solution, followed by the output:

rm -rf node_modules
npm cache clean
npm install

Output

├─┬ async@2.1.4
│ └── lodash@4.17.4
├─┬ chai@3.5.0
│ ├── assertion-error@1.0.2
│ ├─┬ deep-eql@0.1.3
│ │ └── type-detect@0.1.1
│ └── type-detect@1.0.0
├── util@1.0.0  extraneous (git+ssh://git@github.com/user/repo_A.git#commit-ish)
.......

Jason Livesay · Accepted Answer · 2017-03-29T01:32:00.267

6

If you specify https then that will be looking for a login user and password I believe, which I don't think it can load automatically. I would list it simply as "user/repo" and make sure that machine has an ssh key on it that is in github like the setup described in help such as https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#platform-linux and that things are setup so that pulling down that repo does not require user interaction.

EDIT: After testing, I think the issue is that your name in the package.json does not match how you have listed it in your main project's dependencies. In my test, this resulted in the modules being installed but I got the extraneous message.

edited Mar 29 '17 at 01:32

answered Mar 28 '17 at 23:24

Jason Livesay

6,317
3
25
31

Thanks, I had not thought about the https aspect. However, I have also tried "user/repo" and that has had the same end result. It shows this still: – johnny_mac Mar 28 '17 at 23:42
`extraneous (git+ssh://git@github.com/username/repo.git)`. – johnny_mac Mar 28 '17 at 23:48
You did not address the rest of my response about ssh keys etc. – Jason Livesay Mar 28 '17 at 23:54
I did not mention that in my comment as ssh keys are set up and not an issue – johnny_mac Mar 28 '17 at 23:58
1

extraneous means "packages that are not listed on the parent package's dependencies list" .. is there a parent package? – Jason Livesay Mar 29 '17 at 00:05
This sounds like I am doing something wrong, and maybe my understanding is wrong and solved in a fairly simple fashion. Here is what I am working with: repo_A is a simple repo with util functions and its own package.json which includes dependencies such as lodash, mongodb etc. repo_B is a project repo that uses these utility functions. This has many dependencies, including the util repo, which of course is not working. What would I need to add to repo_A dependency list, if that is the cause of 'extraneous'? – johnny_mac Mar 29 '17 at 00:12
If its like you say that sounds like maybe they are not using 'extraneous' to mean that. Can you add the package.json of the main project and the package.json of the util repo to the question please. – Jason Livesay Mar 29 '17 at 00:29
Can you update the post with the exact `npm install` command that you ran? – Jason Livesay Mar 29 '17 at 01:26
See the edit at the bottom of my post about the name field. – Jason Livesay Mar 29 '17 at 01:31
So it needs to be named whatever the other repo is? Like: `"repo_A": user/repo_A` – johnny_mac Mar 29 '17 at 01:38
The dependency in the main project package.json needs to be listed as "project-name" if the "name" field in the util project's package.json is actually "project-name". That may or may not match with the repo name on github. – Jason Livesay Mar 29 '17 at 01:41
Oh, gotcha. I was using a key/pair of `"util": "user/repo_A"` and was getting this problem. When I follow your advice and change that to `"repo_A": "user/repo_A"`, I do not get extraneous anymore and I can see the directory in the node_modules. Thanks so much and sorry for wasting your time with such a stupid mistake. – johnny_mac Mar 29 '17 at 01:46
No problem glad I could help. – Jason Livesay Mar 29 '17 at 01:47

Private github repo as dependency is extraneous on npm install

1 Answers1