I created my own NPM package with some code that I want to keep private. I don’t want to publish it to the main NPM registry for obvious reasons.
I’m wondering what options I have to install this package in my other projects. Setting up a private registry seems like overkill and way too complicated for what I need.
Is there a way to install NPM packages directly from my local machine or maybe from a git repository? I tried something like this but not sure if it’s the right approach:
npm install file:../my-local-package
What are the best practices for handling private packages without going through the hassle of maintaining your own registry?
The file: protocol you tried is correct and widely used for local dev. I’ve used this method for several private packages at work - works reliably. Just heads up: changes to your local package won’t automatically show up in the consuming project. You’ll need to run npm install again or use npm link for development. For production, I’d go with the git repository approach since it’s more stable. You can point to specific commits or tags for better version control. Private GitHub repos work great for this, and you can specify subdirectories if your package isn’t in the root. Main advantage is your CI/CD pipeline can pull from git consistently across environments without worrying about local file paths.
totally with u! file: method is simple n works great. just keep an eye on your package.json for proper name n version. for git, use npm install git+https://github.com/user/repo.git if u wanna skip file path issues.
Been dealing with this for years. The file: approach works great for dev but breaks when teammates or CI need access. I use npm pack in my private package directory - creates a tarball you can install with npm install /path/to/package.tgz or host somewhere and install via URL. You get proper versioning and dodge the path dependency headaches from direct file references. GitHub packages is another solid option if you’re already there - basically a private registry without the setup pain. Uses your GitHub creds and drops right into your workflow.
symlinks are really underated! just run npm link in your package, then npm link package-name in your project. it makes a live connection so any changes show instantly - no need for reinstalls! super handy for active dev.
Here’s what I do after handling dozens of private packages at work. Skip the manual file paths and npm pack stuff.
The real problem isn’t just installing - it’s staying synced when you update your private code. Every change means more manual steps and broken workflows.
I automated this with Latenode. Built a workflow that watches your private package directory. When you push changes, it builds, versions, and deploys automatically. No more forgetting npm install after updates.
Trigger builds from git hooks, schedule syncs, or connect to your deployment pipeline. Takes 10 minutes to set up, saves hours weekly.
It handles version bumping, dependency updates, and notifies your team when new versions drop. Way cleaner than juggling local paths or git URLs.