@boco/packman
v0.22.0
Published
Bulk download, publish, and copy packages and their dependencies by using the command line
Downloads
123
Maintainers
Readme
@boco/packman
Bulk download, publish, and copy packages and their dependencies by using the command line.
Currently supports npm but future support for pypi and other package managers is planned.
Getting Started
Install packman:
npm install @boco/packman -g
Using the CLI
packman
uses commander
and is modular by design.
There are three layers of commands.
- The first layer are named after the package managers:
npm
,pypi
,nexus
, etc. - The second layer are the names of the operations:
download
,publish
,copy
, etc. - The third and last layer are modes of operation:
package
,package-lock
, etc.
We don't nest deeper than three layers.
Anything beyond that is an argument.
The primary arguments are typically unprefixed, whereas the rest are prefixed with --
.
Check the usage info for the details.
You can append --help
at any layer to see the relavent arguments and sub-commands.
So you can run:
packman --help
packman command --help
packman command sub-command --help
npm
Download packages
Download packages based on any of the following:
- the name [and version] of a package
- a local
package-lock.json
file - the url to a
package-lock.json
file - a local
package.json
file - the url to a
package.json
file - the results of an npm search by keyword
Packages can be downloaded from any npm repository.
- The default is https://registry.npmjs.org/.
- The registry can often be overriden by using the
--registry
,--source
, or--target
arguments, depending on the command. Check the command's arguments to be sure.
The downloaded packages will be stored by default in a tarballs
subdirectory of the current directory.
- The subdirectory will be created if necessary.
- You can specify a different subdirectory by using the
--directory
argument.
package name [and version]
by name:
packman npm download package lodash
Will download the latest version of the package.
by name and version:
packman npm download package lodash 4.17
by name, including devDependencies
and peerDependencies
:
packman npm download package lodash --devDependencies --peerDependencies
package-lock.json
from local file:
packman npm download package-lock ./path/to/package-lock.json
from url:
packman npm download package-lock https://path/to/package-lock.json
package.json
from local file:
packman npm download package-json ./path/to/package.json
from url:
packman npm download package-json https://path/to/package.json
search keyword:
downloads the packages returned from an npm search query (https://registry.npmjs.org/-/v1/search?)
packman npm download search lodash
Keep in mind that all of the packages returned in the search results and their dependencies will be downloaded. If you're not careful, this could download a huge number of packages, which is probably not what you want. Wield with care.
Publish packages
Publish packages stored in a directory generated by the npm download
command (e.g., ./tarballs
) to the current registry.
The packman npm publish
command does not perform authentication.
You have to authenticate with the target registry before you run it.
Publish with npm
packman npm publish tarballs ./path/to/tarballs
By default, the packages will be published to the current registry.
You can publish to a different registry by using the --registry
argument.
packman npm publish --registry http://localhost:4873/
Copy packages
The packman npm copy
command essentially downloads all the specified packages from a source registry and publishes them to a target registry.
- The source registry must be specified, except for the package-lock mode.
- The default target registry is always the current registry, determined by running
npm get registry
. It can be overridden by passing the--target
argument.
Many of the copy
subcommands and arguments mirror the download
subcommands and arguments, but there are a few important differences:
download
uses the current registry as its source, whereascopy
uses it as its target.copy
uses--source
and--target
arguments (as necessary) to specify the registries instead of thedownload
command's--registry
argument.copy
generates a new timestamped tarballs directory every time the command is run, whereasdownload
reuses the singletarballs
subdirectory.
Note that the list of differences is based on the default behavior when the relevant arguments are not overridden.
package name [and version]
by name:
packman npm copy package lodash --source https://registry.npmjs.org/
Will download and then publish the latest version of the package.
by name and version:
packman npm copy package lodash 4.17 --source https://registry.npmjs.org/
by name, including devDependencies
and peerDependencies
:
packman npm copy package lodash --devDependencies --peerDependencies --source https://registry.npmjs.org/
package-lock.json
The --source
argument is not supported for the package-lock
command because the absolute URIs of the packages are specified in the package-lock.json
file.
from local file:
packman npm copy package-lock ./path/to/package-lock.json
from url:
packman npm copy package-lock https://path/to/package-lock.json
package.json
from local file:
packman npm copy package-json ./path/to/package.json --source https://registry.npmjs.org/
from url:
packman npm copy package-json https://path/to/package.json --source https://registry.npmjs.org/
search keyword:
downloads the packages returned from an npm search query (https://registry.npmjs.org/-/v1/search?)
packman npm copy search lodash --source https://registry.npmjs.org/
Keep in mind that all of the packages returned in the search results and their dependencies will be downloaded and then published. If you're not careful, this could download a huge number of packages, which is probably not what you want. It might also take a significant amount of time to publish them. Wield with care.
Nexus
For the most part, we will work with packages hosted in Nexus using their respective clients and will almost never use the Nexus API directly. However, accessing the Nexus API directly is sometimes necessary.
Publish packages
Publishing packages stored in a directory generated by the npm download
command (e.g., ./tarballs
) to the current registry.
The packman nexus publish
command does not perform authentication.
You have to authenticate with the target registry before you run it.
packman nexus publish tarballs ./path/to/tarballs
By default, the packages will be published to the current registry.
You can publish to a different registry by using the --registry
argument.
packman nexus publish tarballs --registry http://localhost:4873/
credit
Forked from node-tgz-downloader and combined with other repositories by @Meir017