node package manager


publish packages to your own s3 bucket, install an resolve nested private or public deps without replacing or hacking npm



Publish packages to your own s3 bucket, install and resolve nested private or public deps without replacing or hacking npm.


npm install -g s3npm

configure #TODO im working on this now.

s3npm configure

following the setup you just use npm normally

npm install

to setup a package update your package.json file to include

  • s3Dependencies
  • depend on s3npm
  • and run s3npm in the postinstall hook
    "postinstall":"s3npm install"


cd to your module

s3npm publish

I attempted a solution without s3npm globally. see prepublish footnote.

you just use npm install normally, but the projects package.json will need a postinstall hook that executes s3npm install


s3npm looks for the most local .s3npm.json file from the root of the package that you are installing or from process.cwd()

to create the json file you may.

s3npm configure

this will ask you for your

  • amazon keys if not in your environment
  • the optional s3 bucket for your project
  • and the directory to install the config information.

if your aws credentials are not provided they will be read from the environment. #TODO if you do not specify a default bucket your package name must be prefixed with the bucket name delimited by / bucketname/packagename

user managmanet with iam. oh my! see footnote.

But automated deployments will probably want to create the file manually.

Add an .s3npm.json to your project directory

{ "defaultBucket": "bucket-name"
, "key": "aws-key"
, "secret": "aws-secret"
, "dependenciesKey": "optional package.json key for s3 deps, defaults to 's3Dependencies'"

add s3npm as a dependency for your private module


i attempted to use the prepublish hook to trigger s3npm publish and exit with a 1 to prevent the publish to the real registry.

  • prepublish is run on every npm install and i cannot find out that the context of the hook is install rather than publish. you probably dont want to publish every install so.. failure.

i feel that its important to be able to manage user accounts and access but IAM is hard. i started a module called iamhard but have not had time to finish it. this has to work awesome if its added at all.

npm depends on many modules and the install is a bit slow. ideally i would not have to depend on it considering that npm is installed with all node deployments.

  • I should just be able to use it. With that i would have to worry about version issues etc probably bad.
  • with tests to implement the portions of npm that i need but i may skew from npm and no one likes bugs from divergent implementations.