0

How can we determine where an npm package was installed from?

I know we can use npm view <package> to view information about a package from a registry, but what about packages that were not installed from a registry (e.g. a git repo or local directory)?

Specifically, I'm trying to programatically determine whether a globally-installed npm package (CLI tool) was installed from a git repo or from a local directory. This package isn't published in any registries.

Update: For example, one could install a global package from GitHub by either of the following methods:

  • npm install -g git+https://github.com/linclark/github-pages-deploy.git
  • git clone https://github.com/linclark/github-pages-deploy && npm install -g github-pages-deploy

How can you tell which method was used to install it?

Logan
  • 1,575
  • 1
  • 17
  • 26
  • 1
    Did you open the `package.json` file in the installed package? It has some more meta-data that gets added upon install. – Evert Dec 30 '22 at 18:19
  • @Evert can you share a specific field I should be looking for? I don't see anything different in the `package.json` under the global `node_modules`. – Logan Dec 30 '22 at 18:29

1 Answers1

0

You can identify the package from it's name. It's look something like this in package.json

{

  "name": "name",
  "version": "0.0.1",
  "private": true,
  "dependencies": {
    "@react-native-async-storage/async-storage": "^1.17.11", --> Global package ,
    "@githubUserName/test-package@1.0.0" --> private package
  }
}

Also if you are using any private packages then you must have to contain .npmrc which contain information about private package. You can check from there also.

Harsh Kukarwadiya
  • 423
  • 1
  • 3
  • 12
  • The name in `package.json` isn't enough to tell where the package is from, even when considering any alternative registries that may have been configured. I can install an npm package from a local directory like `npm install -g .`, and the name could be anything I want, even something that exists in the official npm registry. – Logan Dec 30 '22 at 19:16