dealing with private node.js packages

Share this post:

While is a great place to host node packages, ANYONE can access them. What happens if you have multiple application which all use a package you wrote, but you’d like to not have to publish that package publicly? Maybe it contains secrets, or maybe you just don’t think there’s any value in publishing it publicly.

Those sorts of packages are referred to as “private packages”.

Private packages like this aren’t really a first-class notion in the node world – yet. But there are various strategies you can use to provide this capability until they are.

I built a sample application that can be hosted on Bluemix that makes it easy to deal with private packages, via an npm postinstall script. The sample app, description of how it works, and instructions how you can use it are available at this GitHub repo:

The documentation also discusses other strategies for dealing with private packages, in general.

More stories
May 7, 2019

We’ve Moved! The IBM Cloud Blog Has a New URL

In an effort better integrate the IBM Cloud Blog with the IBM Cloud web experience, we have migrated the blog to a new URL:

Continue reading

May 1, 2019

Two Tutorials: Plan, Create, and Update Deployment Environments with Terraform

Multiple environments are pretty common in a project when building a solution. They support the different phases of the development cycle and the slight differences between the environments, like capacity, networking, credentials, and log verbosity. These two tutorials will show you how to manage the environments with Terraform.

Continue reading

April 29, 2019

Transforming Customer Experiences with AI Services (Part 1)

This is an experience from a recent customer engagement on transcribing customer conversations using IBM Watson AI services.

Continue reading