I need to host packages but keep them private, while being able to refer to them as dependencies in package.json files of projects. A free solution is preferred so I'd prefer not to create an org NPM account to host private NPM packages.
Specifically I'm trying to host Angular packages, meaning it's a mono-repo structure which contains the source code of all the packages, and the packages are stored in Releases as tarballs in order to be able to individually depend on them. That structure makes this case differ from solutions like this one: How to use private Github repo as npm dependency ; I need to be able to refer to specific files, not the repo.
The structure of the repo is along these lines:
- dist -- package1 --- esm, fesm, package.json -- package2 --- ... -- package3 --- ...
- projects -- package1 --- source code, package.json -- package2 --- ... -- package3 --- ...
- package.json
- angular.json
As long as the repo is public I can simply to refer to the files by URL, but problems arise when the repo becomes private.
I tried using this notation to refer to dependencies:
"package-name": "https://github.com/Org/Repo/releases/download/latest/package-name.tgz"
And it works while the repo is public.
As soon as the repo is private I get the following error:
E404
npm ERR! 404 Not Found - GET https://github.com/Org/Repo/releases/download/latest/package-name.tgz
npm ERR! 404
npm ERR! 404 'core@https://github.com/Org/Repo/releases/download/latest/package-name.tgz' is not in this registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
