Node.js, private modules and deployment on Heroku

By on 25 Aug 2014

NPM modules are a natural way to modularize your node.js codebase. But you will soon run into troubles during deployment on services like Heroku as it would not be able to get to your private repositories. One alternative around this is to use Github's Personal Access Tokens. You would have to generate a personal token with repo scope access.

Github Personal Token

You can then use the the following url in your package.json file to point to the private repo on github.

  "name": "Awesome Module",
  "description": "Some description",
  "dependencies": {
    "express": "~4.8.5",
    "private-module": "git+https://<githubtoken>"

From the Github Scopes document, the repo scope does the following.>Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations.

Now this is just short of checking in your password. The other alternative is only use the private repo path without the token during dev and check in the node_modules. However, the community seems to be divided on that subject. I am personally biased towards checking in the node_modules of my app.

How do you modularize your node.js app? Do you run your own NPM registry? If not, how do you manage private module dependencies?

comments powered by Disqus