node package manager


A simple npm bash wrapper, to use GitHub as a light-weight npm registry for publishing.


A simple npm bash wrapper, to use GitHub as a light-weight npm registry for publishing.

I wanted:

  • A private NPM registry,
  • which was easily accessible by GitHub teams and users,
  • who already had access to my private GitHub repos,
  • but did not necessarily have access to my corporate intranet / vpn.

I did not want:

  • To have to maintain a private NPM registry on a public / hosted server.
  • To have individual GitHub repos for each npm package.
  • To spend the time to modify an npm fork.

I don't care about:

  • Having a web-based search-able, browse-able interface; GitHub is good enough for me.
  • The unsightly git output when npm-gh publishes to a repo. I might fix it one day, when I care more.


First of all, you'll need npm.

Then at a command-line:

npm install -g  git://

Yep, that's right, npm-gh uses its own repo as a GitHub-backed public npm registry for itself.

I may also publish on But not today.


In your package.json you need the following:

"name": "$myPackage",
"version": "$myVersion",
"registry": {
  "type": "git",
  "url": "$GitHubAccount/$RegistryRepo.git

If any of the above properties do not exist, or if you invoked npm-gh in any other way, npm is called instead.

Once your package.json is ready, you can run npm-gh publish, and it will publish version $myVersion of $myPackage to $RegistryRepo on $GitHubAccount, assuming you have the correct GitHub permissions to do so.

In another package which depends on $myPackage you should add the following to your package.json dependency list:

"$myPackage": "git+ssh://$GitHubAccount/$RegistryRepo.git#$myPackage/$myVersion"

git+ssh://$GitHubAccount... is necessary for $RegistryRepos which are private.

git://$GitHubAccount.. should be sufficient for $RegistryRepos which are public.

npm publish allows you to specify tarballs and / or directories to publish.

npm-gh currently only allows you to publish your current working directory. The next release will address that.

npm-gh ignores the private property of your package.json, as the whole point was to be able to publish private packages to a potentially private GitHub repo, instead of the public npm registry.

npm-gh will allow you to update an existing published version.

While this is bad practice for released versions, the script allows it, to keep it simple, and also to allow for pre-release versions to change during the R&D lifecycle, without bumping version numbers in the package.json.

Removal and pruning of obsolete versions of packages is currently only possible by deleting the appropriate branches in the $RegistryRepo via git.


This package is made available under the MIT License.