Modify package.json before npm install is run

However, it sounds like you’re reinventing the wheel, because the problem that you’re actually trying to solve already has a solution: [Support Guide] Using private NPM modules on Netlify

Unfortunately It’s not a private NPM module that is accessible on the internet with a key, it’s literally a private repo that exists only on a VPN.

Note that, preinstall should work. That’s not a Netlify thing to change. It’s handled by npm - the same npm that you run locally. If your local npm runs preinstall, the same should happen on Netlify.

Except in the situation where we restore your node modules from our build cache. In that case, since no npm install is run (we run it if it’s needed, we skip it otherwise), preinstall would not run either.

This is the output I get when I submit my package json that references my private repo.

5:21:43 PM: Build ready to start
5:21:57 PM: build-image version: fcb0c1b3ada6d25c1cb58e8bc514f5f23cc14f15 (focal)
5:21:57 PM: buildbot version: ee2ef905a4bdb64f7733dd60a718aa00319e6f82
5:21:57 PM: Fetching cached dependencies
5:21:57 PM: Starting to download cache of 127.1MB
5:21:58 PM: Finished downloading cache in 1.054s
5:21:58 PM: Starting to extract cache
5:22:00 PM: Finished extracting cache in 1.904s
5:22:00 PM: Finished fetching cache in 3.013s
5:22:00 PM: Starting to prepare the repo for build
5:22:00 PM: Preparing Git Reference refs/heads/master
5:22:02 PM: Custom build path detected. Proceeding with the specified path: 'UI'
5:22:02 PM: Custom publish path detected. Proceeding with the specified path: 'UI/dist'
5:22:02 PM: manpath: warning: $PATH not set
5:22:03 PM: Starting to install dependencies
5:22:03 PM: Python version set to 3.8
5:22:04 PM: Attempting Ruby version 2.7.2, read from environment
5:22:04 PM: Using Ruby version 2.7.2
5:22:05 PM: Started restoring cached go cache
5:22:05 PM: Finished restoring cached go cache
5:22:06 PM: go version go1.19.13 linux/amd64
5:22:07 PM: Using PHP version 8.0
5:22:09 PM: Started restoring cached Node.js version
5:22:10 PM: Finished restoring cached Node.js version
5:22:10 PM: v20.12.2 is already installed.
5:22:11 PM: Now using node v20.12.2 (npm v10.5.0)
5:22:11 PM: Enabling Node.js Corepack
5:22:11 PM: Started restoring cached build plugins
5:22:11 PM: Finished restoring cached build plugins
5:22:11 PM: Started restoring cached corepack dependencies
5:22:11 PM: Finished restoring cached corepack dependencies
5:22:11 PM: No npm workspaces detected
5:22:11 PM: Started restoring cached node modules
5:22:11 PM: Finished restoring cached node modules
5:22:11 PM: Installing npm packages using npm version 10.5.0
5:23:22 PM: Failed during stage 'Install dependencies': dependency_installation script returned non-zero exit code: 1
5:23:22 PM: npm ERR! code ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE
5:23:22 PM: npm ERR! errno ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE
5:23:22 PM: npm ERR! request to https://gitlab.avispl.com/api/v4/projects/1423/packages/npm/@avispl/hermes-endpoint/-/@avispl/hermes-endpoint-2.4.0.tgz failed, reason: 4068042DCE7F0000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1590:SSL alert number 40
5:23:22 PM: npm ERR!
5:23:22 PM: npm ERR! A complete log of this run can be found in: /opt/buildhome/.npm/_logs/2024-04-16T21_22_11_702Z-debug-0.log
5:23:22 PM: Error during npm install
5:23:22 PM: Failing build: Failed to install dependencies

And this is the output I get when I manually patch it and check in a version that references local files instead of the private repo

2:39:02 PM: build-image version: 3d3c7e8b4321e2c1a54a2c4584fb46ba742b1630 (focal)
2:39:02 PM: buildbot version: 3d3c7e8b4321e2c1a54a2c4584fb46ba742b1630
2:39:02 PM: Fetching cached dependencies
2:39:02 PM: Starting to download cache of 127.3MB
2:39:03 PM: Finished downloading cache in 1.444s
2:39:03 PM: Starting to extract cache
2:39:05 PM: Finished extracting cache in 1.81s
2:39:05 PM: Finished fetching cache in 3.308s
2:39:05 PM: Starting to prepare the repo for build
2:39:06 PM: Preparing Git Reference refs/heads/master
2:39:07 PM: Custom build path detected. Proceeding with the specified path: 'UI'
2:39:07 PM: Custom publish path detected. Proceeding with the specified path: 'UI/dist'
2:39:08 PM: manpath: warning: $PATH not set
2:39:08 PM: Starting to install dependencies
2:39:09 PM: Python version set to 3.8
2:39:09 PM: Attempting Ruby version 2.7.2, read from environment
2:39:10 PM: Using Ruby version 2.7.2
2:39:10 PM: Started restoring cached go cache
2:39:10 PM: Finished restoring cached go cache
2:39:10 PM: go version go1.19.13 linux/amd64
2:39:11 PM: Using PHP version 8.0
2:39:13 PM: Started restoring cached Node.js version
2:39:14 PM: Finished restoring cached Node.js version
2:39:14 PM: v20.12.2 is already installed.
2:39:14 PM: Now using node v20.12.2 (npm v10.5.0)
2:39:14 PM: Enabling Node.js Corepack
2:39:15 PM: Started restoring cached build plugins
2:39:15 PM: Finished restoring cached build plugins
2:39:15 PM: Started restoring cached corepack dependencies
2:39:15 PM: Finished restoring cached corepack dependencies
2:39:15 PM: No npm workspaces detected
2:39:15 PM: Started restoring cached node modules
2:39:15 PM: Finished restoring cached node modules
2:39:15 PM: Installing npm packages using npm version 10.5.0
2:39:18 PM: > playbook-cobalt@1.0.0 preinstall
2:39:18 PM: > node setupEmulation.js
2:39:18 PM: Checking to see if any patching is needed for emulation mode
2:39:18 PM: Patching package.json
2:39:18 PM: package.json patching complete
2:39:18 PM: Patching package-lock.json
2:39:18 PM: package-lock.json patching complete
2:39:18 PM: up to date, audited 348 packages in 3s
2:39:18 PM: 56 packages are looking for funding
2:39:18 PM:   run `npm fund` for details
2:39:18 PM: 8 vulnerabilities (6 high, 2 critical)
2:39:18 PM: To address issues that do not require attention, run:
2:39:18 PM:   npm audit fix
2:39:18 PM: To address all issues possible (including breaking changes), run:
2:39:18 PM:   npm audit fix --force
2:39:18 PM: Some issues need review, and may require choosing
2:39:18 PM: a different dependency.
2:39:18 PM: Run `npm audit` for details.
2:39:18 PM: npm packages installed
2:39:19 PM: Successfully installed dependencies
2:39:19 PM: Starting build script
2:39:20 PM: Detected 1 framework(s)
2:39:20 PM: "vite" at version "4.5.3"
2:39:20 PM: Section completed: initializing

Note how in the second one the install happens first, and then the preinstall script runs (you can see it’s console logs). “Install” happens and takes 3 seconds, then it runs the preinstall script and says all packages are installed in the same timestamp.

Weirdly enough if I commit with the modified package.json and package-lock.json that reference the local file, it creates an accurate node_modules folder, and everything works, but if I revert that commit the issue returns. I had hoped that creating a functioning cached node_modules would help, but it doesn’t seem to have.