Reputation: 644
Why does npm install with git+ssh install differently than https?
What is the difference between installing a npm package via https and ssh? My expectation is that the downloaded package would be the same but this is not the case. For example:
// package.json
"dependencies": {
"lodash": "^4.17.19"
// vs
"lodash": "[email protected]:lodash/lodash.git#semver:^4.17.19"
}
When I use the first option, the actual npm package gets installed. When I install via the second option, I get only the files that are whitelisted from the repo but not the actual package itself.
I don't see a good explanation in the npm documentation. Why aren't these installing the same thing? Is there a way to install the actual package via ssh and not the commit itself?
Upvotes: 0
Views: 631
Answers (1)
Reputation: 23838
Two ways of installing dependencies.
- From NPM repository itself (specify the version)
- From github (specify a branch OR commit and tag)
It is advisable to publish to the registry the minified/compiled version of the library than the source unless it is necessary. So, it is possible that what you get from the NPM is different than the source repository itself.
It is really question of the "place" (npm or github) than the method (http or ssh)
Upvotes: 1
Related Questions
- npm install from git use https instead ssh
- Npm gets stuck when installing from git with ssh
- npm install with git+ssh doesn't use existing ssh key for user
- npm install not picking up the correct ssh keys and unable to install private repo via ssh
- Private repo, git clone succeeds, npm install fails
- Trouble with ssh / https while using npm and git
- npm install error : "Host key verification failed."
- npm install fails due to private git repository both ssh and https connections
- npm install fails HTTP authentication on Linux
- npm install from a git repository not working