diff options
| -rw-r--r-- | README.md | 21 | ||||
| -rw-r--r-- | doc/config.md | 47 | ||||
| -rw-r--r-- | doc/npm.md | 6 | ||||
| -rw-r--r-- | man/config.1 | 65 | ||||
| -rw-r--r-- | man/npm.1 | 14 |
5 files changed, 122 insertions, 31 deletions
@@ -7,17 +7,6 @@ Note: This is only half the info you need. The rest can be seen via To install npm and its documentation, do this: - make install - -If you get any complaints, try - - sudo make install - -Then do `man npm` or `npm help` for more information. - -If you want to just install npm, but leave your man folder untouched, -you can try this instead: - node install-npm.js If you'd prefer to just symlink in the current code so you can hack @@ -25,8 +14,12 @@ on it, then you can do this to create a symlink: ./cli.js link . -Any of these will use npm to install itself, like -[Ouroboros](http://en.wikipedia.org/wiki/Ouroboros). +If it dies with a "Permission Denied" or EACCESS error, then that probably +means that you are running node in a shared root-owned location. In that +case, you'll have to use sudo, and it'll behave like a multi-user app. + +You can customize this behavior by using the `root` and `binroot` config +options. See npm-config(1) ## A note about password security @@ -37,4 +30,4 @@ node 0.1.92, these functions aren't integrated yet. You can get around this by doing: - npm install http://github.com/waveto/node-crypto/tarball/v0.0.5 + npm install crypto@0.0.5 diff --git a/doc/config.md b/doc/config.md index 35aae9d00..78921069c 100644 --- a/doc/config.md +++ b/doc/config.md @@ -51,7 +51,15 @@ you're after. Deletes the key from the configuration file. -## Config File Settings +## Config Settings + +npm supports a very basic argument parser. For any of the settings +in npm-config(1), you can set them explicitly for a single command by +doing: + + npm --key val <command> + +Configurations defined on the command line are not saved to the .npmrc file. ### auto-activate @@ -62,23 +70,46 @@ version already. Set to "always" to always activate when installing. ### root -Default: ~/.node_libraries +Default: ~/.node_libraries in single-user mode, or `$INSTALL_PREFIX/lib/node` +in sudo-mode. The root folder where packages are installed and npm keeps its data. +### binroot + +Default: `$INSTALL_PREFIX/bin` + +The folder where executable programs are installed. + ### registry -Default: http://registry.npmjs.org/ +Default: https://registry.npmjs.org/ The base URL of the npm package registry. ### auth -A base-64 encoded "user:pass" pair. +A base-64 encoded "user:pass" pair. This is created by npm-adduser(1). + +If your config file is ever corrupted, you can set this manually by doing: -**FIXME**: This is not encoded in any kind of security sense. It's just base-64 + npm config set auth $(echo "username:password" | base64 -d) + +**NOTE**: This is not encoded in any kind of security sense. It's just base-64 encoded strictly so that it can be sent along the wire with HTTP Basic -authentication. An upcoming version of npm will encrypt this and save it back -to the registry as `auth-crypt`, which will be quite a bit more secure. Until -then, use a unique password that you don't mind being compromised. +authentication. + +### authCrypt + +If crypto.Cipher is available, and you have some private keys in `$HOME/.ssh`, +then npm will encrypt your "auth" config before saving to the .npmrc file, +and will decrypt the "authCrypt" config when it reads the .npmrc file. + +### tag + +Default: stable + +If you ask npm to install a package and don't tell it a specific version, then +it will install the specified tag. +Note: this has no effect on the npm-tag(1) command. diff --git a/doc/npm.md b/doc/npm.md index 6a8f295e8..5f1c4cb42 100644 --- a/doc/npm.md +++ b/doc/npm.md @@ -11,6 +11,12 @@ npm is a little package manager for the Node javascript library. See npm-help(1) for more details about specific commands. +npm supports a very basic argument parser. For any of the settings +in npm-config(1), you can set them explicitly for a single command by +doing: + + npm --key val <command> + If you are a package maintainer, please investigate the documentation at npm-json(1), npm-publish(1), and npm-tag(1) sections first. See npm-folders(1) section to see how you can leverage npm's functionality diff --git a/man/config.1 b/man/config.1 index ec261b635..594c6a124 100644 --- a/man/config.1 +++ b/man/config.1 @@ -1,7 +1,7 @@ .\" generated with Ronn/v0.4.1 .\" http://github.com/rtomayko/ronn/ . -.TH "NPM\-CONFIG" "1" "April 2010" "" "" +.TH "NPM\-CONFIG" "1" "May 2010" "" "" . .SH "NAME" \fBnpm\-config\fR \-\- Manage the npm configuration file @@ -75,7 +75,22 @@ npm config delete key .P Deletes the key from the configuration file. . -.SH "Config File Settings" +.SH "Config Settings" +npm supports a very basic argument parser. For any of the settings +in npm\-config(1), you can set them explicitly for a single command by +doing: +. +.IP "" 4 +. +.nf +npm \-\-key val <command> +. +.fi +. +.IP "" 0 +. +.P +Configurations defined on the command line are not saved to the .npmrc file. . .SS "auto\-activate" Default: true @@ -85,23 +100,55 @@ Automatically activate a package after installation, if there is not an active version already. Set to "always" to always activate when installing. . .SS "root" -Default: ~/.node_libraries +Default: ~/.node_libraries in single\-user mode, or \fB$INSTALL_PREFIX/lib/node\fR +in sudo\-mode. . .P The root folder where packages are installed and npm keeps its data. . +.SS "binroot" +Default: \fB$INSTALL_PREFIX/bin\fR +. +.P +The folder where executable programs are installed. +. .SS "registry" -Default: http://registry.npmjs.org/ +Default: https://registry.npmjs.org/ . .P The base URL of the npm package registry. . .SS "auth" -A base\-64 encoded "user:pass" pair. +A base\-64 encoded "user:pass" pair. This is created by npm\-adduser(1). . .P -\fBFIXME\fR: This is not encoded in any kind of security sense. It's just base\-64 +If your config file is ever corrupted, you can set this manually by doing: +. +.IP "" 4 +. +.nf +npm config set auth $(echo "username:password" | base64 \-d) +. +.fi +. +.IP "" 0 +. +.P +\fBNOTE\fR: This is not encoded in any kind of security sense. It's just base\-64 encoded strictly so that it can be sent along the wire with HTTP Basic -authentication. An upcoming version of npm will encrypt this and save it back -to the registry as \fBauth\-crypt\fR, which will be quite a bit more secure. Until -then, use a unique password that you don't mind being compromised. +authentication. +. +.SS "authCrypt" +If crypto.Cipher is available, and you have some private keys in \fB$HOME/.ssh\fR, +then npm will encrypt your "auth" config before saving to the .npmrc file, +and will decrypt the "authCrypt" config when it reads the .npmrc file. +. +.SS "tag" +Default: stable +. +.P +If you ask npm to install a package and don't tell it a specific version, then +it will install the specified tag. +. +.P +Note: this has no effect on the npm\-tag(1) command. @@ -20,6 +20,20 @@ npm is a little package manager for the Node javascript library. See npm\-help(1) for more details about specific commands. . .P +npm supports a very basic argument parser. For any of the settings +in npm\-config(1), you can set them explicitly for a single command by +doing: +. +.IP "" 4 +. +.nf +npm \-\-key val <command> +. +.fi +. +.IP "" 0 +. +.P If you are a package maintainer, please investigate the documentation at npm\-json(1), npm\-publish(1), and npm\-tag(1) sections first. See npm\-folders(1) section to see how you can leverage npm's functionality |