Comments (4)
New feature suggestions usually start at https://github.com/npm/feedback/discussions then make their way to https://github.com/npm/rfcs
from cli.
To me, the docs are pretty clear! The docs for npm install explicitly say:
A package
is:
- a) a folder containing a program described by a
package.json
file - b) a gzipped tarball containing (a)
- c) a url that resolves to (b)
- d) a
<name>@<version>
that is published on the registry (seeregistry
) with (c) - e) a
<name>@<tag>
(seenpm dist-tag
) that points to (d) - f) a
<name>
that has a "latest" tag satisfying (e) - g) a
<git remote url>
that resolves to (a)
From (g), it is implied that a <git remote url>
should resolve to a folder containing a program described by a package.json
file.
Also,
Surely that's silly that npm is cluttered with people creating worthlessly-forked packages of a commonly used library, just to work-around lack of a package.json.
This argument is a red herring and has nothing to do with your feature suggestion.
@wraithgar should relabel this issue as Wontfix and close IMHO.
from cli.
Yes the docs should be updated. There isn't likely to be any way to do this without a package.json. That assumption is pretty deeply baked into a lot of npm, and that package.json needs to have a name and version in it. Also, auto-generating would require a TON of guessing, which is something we are trying to move away from in npm. Guessing what the user wanted will never be as useful as making them be explicit.
Also, in the future please use the issue template. It was only by accident that I saw this issue. Normally this would slip through the cracks because it is missing the tags and info that our issue template adds.
from cli.
in the future please use the issue template
Apologies.
I skipped the template because it wasn't clear to me that "Bug/Issue" was the right place for discussion and/or feature request. Is that the template I should have used in such a case? If not, perhaps a dedicated template for feature requests or discussions would be helpful.
There isn't likely to be any way to do this without a package.json
Sure, that is totally reasonable. Node requires it, too. There needs to be one, no question. But where it comes from is the nuance of the rest of this message/thread.
auto-generating would require a TON of guessing
Hmm, not to be argumentative, but I don't see this as much guessing in this case. You know what name to use because it's the name of the git repo they cloned. And if repo name isn't unique enough, surely "[github username]-[github repo name]" (like "davidshimjs-qrcodejs" above) would be, right?
And my code snippet above suggested 0.0.[iso8601-numeric-timestamp]
as version number, like 0.0.20240324190100
above, with the timestamp being the moment it was installed.
If name
and version
are the only required fields, is that really too much "guessing" in this narrow context?
I certainly understand NOT guessing any other meta data, and the general aversion to guessing. But I felt this was a pretty narrow case to warrant me making the suggestion.
Guessing what the user wanted will never be as useful as making them be explicit.
In general, sure.
The exception to this is packages like the one I linked, which sadly don't have a package.json
(so they can't be explicit), haven't been touched in almost a decade (and are likely to never get touched again, given the lack of issues triage), but are popular enough that literally a dozen other people have self published their own packages that do nothing but fork that repo and add a package.json
file just to publish.
Surely that's silly that npm is cluttered with people creating worthlessly-forked packages of a commonly used library, just to work-around lack of a package.json
.
In the case where we can't get the original author to be explicit, I am just wondering if a tad bit of narrow guessing can be warranted?
I also want to stress that my suggestion for this auto-generation is purely opt-in via flag and/or metadata. So the user installing such a git repo tries npm install
and that fails because of the missing package.json
... then they add the --auto-package-json
flag or whatever, to explicitly ask npm to do that minimal amount of guessing.
That seems like it would be narrow enough to be safe. No?
from cli.
Related Issues (20)
- [BUG] "There appears to be trouble with your network connection. Retrying..."
- [BUG] "There appears to be trouble with your network connection. Retrying..." HOT 2
- [Feature request] Support overriding `main`, `exports` and other package.json fields with `publishConfig` HOT 1
- [BUG] Installing an aliased package with an empty name will install the 'undefined' package HOT 2
- * OS: linux
- [BUG] Unable to install packages w/ brew linked node | macOS | NODE_EXTRA_CA_CERTS defined, behind ZScaler firewall HOT 2
- ### File `EIPS/(milehigh.world)eip-7708.md`
- Should npm init emit type=module? HOT 4
- [BUG] npm install progress bar not showing HOT 4
- npm is unable to authenticate when attempting to run npm install in my project folder HOT 2
- [BUG] npm audit fix --force installs a vulnerable version of puppeteer HOT 3
- [BUG] Get a package with optionnalDependencies from private registry. Get private package with `cpu` and `os` specified.
- Infosys Support Renewal FY25 HOT 1
- [BUG] ETARGET No matching version found after version update; cache clear helps HOT 6
- `npm edit` bug when editor path has a space in it HOT 1
- This problem existed when there was no `[email protected]` published yet. Now I don't know how to reproduce it anymore.
- [BUG] npm install 'my-package' silently drops extra hard links to the same inode in node_modules/my-package HOT 1
- [BUG] <title>i have738 issues help
- [BUG] created package size differs between 10.1.0 vs 10.2.3 HOT 1
- Special error for missing command HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cli.