package.json. The Cloud Functions
Node.js runtimes generally support installing using npm or
yarn.
To specify a dependency for your function, add it to your package.json file.
In this example, a dependency is listed in the package.json file:
{
"dependencies": {
"escape-html": "^1.0.3"
}
}
The dependency is then imported in the function:
JavaScript
const escapeHtml = require('escape-html');
// Return a greeting with the input HTML-escaped.
exports.hello = functions.https.onRequest((req, res) => {
res.send(`Hello ${escapeHtml(req.query.name || req.body.name || 'World')}!`);
});
TypeScript
import * as escapeHtml from 'escape-html';
// Return a greeting with the input HTML-escaped.
export let hello = functions.https.onRequest((req, res) => {
res.send(`Hello ${escapeHtml(req.query.name || req.body.name || 'World')}!`);
}
Including local Node.js modules
You can also include local Node.js modules as part of your function. You can
achieve this by declaring your module in package.json using the
file: prefix. In the
following example, mymodule refers to your module name and mymoduledir is
the directory containing your module:
{
"dependencies": {
"mymodule": "file:mymoduledir"
}
}
The code for this local module should be stored somewhere other than the
node_modules folder within your function's root directory.
Additional steps for TypeScript
TypeScript helps you most when you use libraries that have type information.
This lets TypeScript catch syntax errors and lets editors give you better
autocomplete suggestions. Some libraries, like firebase-admin and
firebase-functions, ship with TypeScript definitions included.
Many libraries do not provide their own TypeScript definition. The
DefinitelyTyped project
provides community-maintained definitions for the most popular node libraries.
DefinitelyTyped publishes these definitions under the same NPM package name, but
inside the "@types" organization. For example, you can install the type
information for the uuid library with the following:
npm install @types/uuid
As you become more familiar with TypeScript, you might find yourself combining both installs:
npm install uuid @types/uuid
Type dependencies should be the same kind as the library dependency. For
example, you should not save uuid as a normal dependency and @types/uuid as
a dev dependency or peer dependency.
Loading Node.js modules
Use the Node.js
require()
function to load any Node.js module you have installed. You can also use the
require() function to import local files you deploy alongside your function.
import
statement in the same way to load any Node.js module you have installed.
Using private modules
You can use a private npm module by providing settings for authenticating with
the registry in a .npmrc file in the function's directory.
Private modules from Artifact Registry
An Artifact Registry Node.js package repository
can host private modules for your function. When deploying to Cloud Functions,
the build process will automatically generate Artifact Registry credentials
for the Cloud Build service account.
You only need to list the Artifact Registry repository in your .npmrc without
generating additional credentials. For example:
@SCOPE:registry=https://REGION_ID-npm.pkg.dev/PROJECT_ID/REPOSITORY_NAME
//REGION_ID-npm.pkg.dev/PROJECT_ID/REPOSITORY_NAME:always-auth=true
Private modules from other repositories
The npm documentation explains how to create custom read-only
access tokens. We discourage using the .npmrc file created in the home
directory because it contains a read-write token. Write permissions are not
required during deployment, and could pose a security risk.
Do not include the .npmrc file if you're not using private repositories,
as it can increase the deployment time for your functions.
File format
If you're using an .npmrc file to set a custom auth token, it should include
the line shown below. Replace <YOUR_AUTH_TOKEN> with your
NPM-provided authentication token.
//registry.npmjs.org/:_authToken=<YOUR_AUTH_TOKEN>