23

I'm trying to make npm download only a single file in a directory on npm install of the package.

The directory looks like:

+- dist/
   +- 1.0.0/
   +- 1.0.1/
   +- ...lots of other dirs...
   +- file.js

I want npm to ignore everything but file.js so I tried including the following in my .npmignore:

dist/
!dist/file.js

Yet, npm will still download all the directories in dist when I install the package. I thought this was supposed to work like .gitignore but apparently I am missing something here.

m90
  • 11,434
  • 13
  • 62
  • 112

2 Answers2

17

Yes, it is working using glob patterns : https://docs.npmjs.com/misc/developers#keeping-files-out-of-your-package

But I would have a different approach :

dist/*
dist/.*
!dist/file.js

in order to no ignore the whole folder but it's content (the 2nd line may not be required).

thefourtheye
  • 233,700
  • 52
  • 457
  • 497
krampstudio
  • 3,519
  • 2
  • 43
  • 63
  • This works, but honestly I still don't understand why. Why does `!dist/file.js` "kill" the `dist/` rule, but not the `dist/*` one? Will this happen in git as well? – m90 Jun 22 '15 at 10:35
  • I think `dist/` means include the whole directory as it is (there is whitelisting here), but when you say `dist/*` or `dist/.*` it means include all the files in the directory `dist`. So, it allows blacklisting I guess. At least, that is how I chose to understand it ;-) – thefourtheye Jun 22 '15 at 10:38
  • 1
    Nice answer +1. I found the second line (`dist/.*`) was not necessary and you can test it using [how to debug npmignore](https://stackoverflow.com/questions/41412694/how-to-debug-npmignore) – David Rawson Aug 21 '17 at 02:40
  • `dist/.*` is used for hidden files – krampstudio Apr 08 '22 at 10:48
5

Recommendation: whitelist instead of blacklist

Answering the use case, I would instead recommend explicitly white listing what you want to publish with the files entry in package.json, rather than blacklisting with .npmignore, as that makes it is much more likely that you will not accidentally publish the wrong files. See also: https://medium.com/@jdxcode/for-the-love-of-god-dont-use-npmignore-f93c08909d8d

Here's a concrete example package which looks a bit like:

{
  "files": [
    "gitignore",
    "cirodown",
    "cirodown.js",
    "cirodown.embed.min.css",
    "cirodown.local.min.css",
    "cirodown.min.css",
    "index.js",
    "main.liquid.html",
    "main.scss",
    "nodejs.js"
  ],
}
Ciro Santilli OurBigBook.com
  • 347,512
  • 102
  • 1,199
  • 985
  • Why is whitelisting through package.json better than whitelisting through .npmignore? – chpio Jan 21 '21 at 10:38
  • @chpio can `.npmpignore` whitelist? I thought it blacklists only. – Ciro Santilli OurBigBook.com Jan 21 '21 at 10:42
  • yeah see the question, you first blacklist every file `*` then reverse the blacklisting on the needed files through `!filename`, whitelisting them. – chpio Jan 21 '21 at 10:45
  • @chpio ah, OK, I don't know then :-) Just found now that package.json seems to support globs too: https://stackoverflow.com/questions/32017169/npm-glob-pattern-not-matching-subdirectories Let me know if you find anything else of interest. – Ciro Santilli OurBigBook.com Jan 21 '21 at 11:10