NPM loves Github

NPM Loves Github

Story Begins Here

Recently I was assigned to a issue, which cause some problems on authentication via Twitter. The app is written with NodeJS and dependency is managed via NPM. For authentication the app depends on mongoose-auth. After analyzing the logs I found out that real problem is not with the mongoose-auth but with a dependency for mongoose-auth called everyauth.

Then I looked into everyauth’s github and there is no such issue with Twitter authentication. Then I realized everyauth is now on 0.3.x release branch. But above mentioned everyauth (which is a dependency of mongoose-auth) is on 0.2.x. Then I thought updating mongoose-auth will fix this. Unfortunately version I have is the latest release of mongoose-auth.

What should I do now

With some more research I found out that, following patch will fix twitter issue on 0.2.x everyauth.

Everyauth Fix for Twitter

The Fix

Now I could’ve apply this to the local installed module by NPM. But It works only for this time only. One of the good feature of package managers like NPM is they will install all the dependencies with a single command. If I fix this manually I could not get that benefit. I simply didn’t like it. So I was looking for some other solution that works with NPM.

Here is what I did

Fortunately we can add a tarball as a NPM dependancy. So,

  1. I forked everyauth 0.2.x branch on github and apply above fix
  2. I too forked mongoose-auth and point everyauth to above repo (via tarball url generated by github)
  3. Then I point mongoose-auth dependency of my app to the above repo

This works really well with npm install and I don’t need to provide any documentation to my client.

Here the modification I did for my app’s package.json (NPM’s dependency definition file)

Change in package.json