APKBUILD examples:JavaScript

From Alpine Linux
Jump to: navigation, search
Underconstruction clock icon gray.svg
This material is work-in-progress ...

Alternate message.
(Last edited by Orson Teodoro on 3 Mar 2018.)

Packaging JavaScript based apps is easy as long as there is no heavy dependencies that may break on musl. Currently Electron based GUI apps are not supported but a wide range of command line apps are available on Linux which can be packaged for use for Alpine users.

Because there are literally hundreds of dependencies for a Node.js application, it makes more sense to just keep them all internal dependencies except those that require special patching. We are going to just cover the trivial packages easy packages for now.

Again, only package applications not Node.js libraries, but only if the Node.js package requires patching on musl.


  • Node.js -- nodejs
  • npm -- nodejs-npm
  • A open source project with a package.json file in the root or in the app folder

Which archive to get?

You still want to grab the archive file (.zip, .tar.gz, ...). Do not use npm install $pkgname@$pkgver. If the archive doesn't exist, then you can use that command in snapshot().

Global variables



In this step we tell npm to get the dependencies and build the binary dependencies if any. These dependencies will be placed in a folder called node_modules in the same directory as the package.json. You may need to do this repetitively at the root level and in the app folder if any, or wherever you see a package.json file without a node_modules.

 build() {
       cd "$builddir"
       npm install


This is a simple example without documentation. You need to package the bin folder, the package*.json file, and the lib folder. There may be other files that need to be packaged. All apps should be placed in the "$pkgdir"/usr/lib/node_modules/$pkgname to make them visible for other nodejs programs or to keep track of the npm dependencies for CVE check for future tool.

You also want to place symlinks for some programs but not all because there is some overlap between npm apps for compatibility reasons and the native apps. Only symlink the main or major programs not the dependencies.

 package() {
       cd "$builddir"
       install -d "$pkgdir"/usr/share/doc/$pkgname "$pkgdir"/usr/lib/node_modules/$pkgname
       cp -a bin lib node_modules package*.json "$pkgdir"/usr/lib/node_modules/$pkgname
       ln -s /usr/lib/node_modules/$pkgname/bin/$pkgname "$pkgdir"/usr/bin


 check() {
       cd "$builddir"
       npm test


Since you are packaging the dependencies and the app under one package, you should list all the licenses for those dependencies in the license field. Use grep and find to find them.

Security updates

In an event of a CVE notice and a update to fix that CVE for a npm dependency, you need to rebuild the package(s) and increment the pkgrel.