Managing dependencies
Managing packages and dependencies.
Importing dependencies
Supabase Edge Functions support several ways to import dependencies:
- JavaScript modules from npm (https://docs.deno.com/examples/npm/)
- Built-in Node APIs
- Modules published to JSR or deno.land/x
NPM modules
You can import npm modules using the npm: specifier:
_10import { createClient } from 'npm:@supabase/supabase-js@2'
Node.js built-ins
For Node.js built-in APIs, use the node: specifier:
_10import process from 'node:process'
Learn more about npm specifiers and Node built-in APIs in Deno's documentation.
JSR
You can import JS modules published to JSR (eg: Deno's standard library), using the jsr: specifier:
_10import path from 'jsr:@std/path@1.0.8'
Managing dependencies
Developing with Edge Functions is similar to developing with Node.js, but with a few key differences.
In the Deno ecosystem, each function should be treated as an independent project with its own set of dependencies and configurations. This "isolation by design" approach:
- Ensures each function has explicit control over its dependencies
- Prevents unintended side effects between functions
- Makes deployments more predictable and maintainable
- Allows for different versions of the same dependency across functions
For these reasons, we recommend maintaining separate configuration files (deno.json/deno.jsonc, .npmrc, or import_map.json) within each function's directory, even if it means duplicating some configurations.
There are two ways to manage your dependencies in Supabase Edge Functions:
Using deno.jsonc (recommended)
This feature requires Supabase CLI version 1.215.0 or higher.
Each function should have its own deno.jsonc or deno.json file to manage dependencies and configure Deno-specific settings. This ensures proper isolation between functions and is the recommended approach for deployment. For a complete list of supported options, see the official Deno configuration documentation.
The recommended file structure for deployment:
_11└── supabase_11 ├── functions_11 │ ├── function-one_11 │ │ ├── index.ts_11 │ │ ├─- deno.jsonc # Function-specific Deno configuration_11 │ │ └── .npmrc # Function-specific npm configuration (if needed)_11 │ └── function-two_11 │ ├── index.ts_11 │ ├─- deno.jsonc # Function-specific Deno configuration_11 │ └── .npmrc # Function-specific npm configuration (if needed)_11 └── config.toml
While it's possible to use a global deno.json or deno.jsonc in the /supabase/functions
directory for local development, this approach is not recommended for deployment. Each function
should maintain its own configuration to ensure proper isolation and dependency management.
Using import maps (legacy)
Import Maps are a legacy way to manage dependencies, similar to a package.json file. While still supported, we recommend using deno.jsonc. If both exist, deno.jsonc takes precedence.
Each function should have its own import_map.json file for proper isolation:
The recommended file structure:
_10└── supabase_10 ├── functions_10 │ ├── function-one_10 │ │ ├── index.ts_10 │ │ └── import_map.json # Function-specific import map_10 │ └── function-two_10 │ ├── index.ts_10 │ └── import_map.json # Function-specific import map_10 └── config.toml
While it's possible to use a global import_map.json in the /supabase/functions directory for
local development, this approach is not recommended for deployment. Each function should maintain
its own import map to ensure proper isolation.
If using import maps with VSCode, update your .vscode/settings.json to point to your function-specific import map:
You can override the default import map location using the --import-map <string> flag with serve and deploy commands, or by setting the import_map property in your config.toml file:
Importing from private registries
To use private npm packages, create a .npmrc file within your function directory. This ensures proper isolation and dependency management for each function.
_10└── supabase_10 └── functions_10 └── my-function_10 ├── index.ts_10 ├── deno.jsonc_10 └── .npmrc # Function-specific npm configuration
Add your registry details in the .npmrc file. Follow this guide to learn more about the syntax of npmrc files.
_10@myorg:registry=https://npm.registryhost.com_10//npm.registryhost.com/:_authToken=VALID_AUTH_TOKEN
While it's possible to use a global .npmrc in the /supabase/functions directory for local
development, we recommend using function-specific .npmrc files for deployment to maintain proper
isolation.
After configuring your .npmrc, you can import the private package in your function code:
_10import MyPackage from 'npm:@myorg/private-package@v1.0.1'_10_10// use MyPackage
Using a custom NPM registry
Some organizations require a custom NPM registry for security and compliance purposes. In such instances, you can specify the custom NPM registry to use via NPM_CONFIG_REGISTRY environment variable.
You can define it in the project's .env file or directly specify it when running the deploy command:
_10NPM_CONFIG_REGISTRY=https://custom-registry/ supabase functions deploy my-function
Importing types
If your environment is set up properly and the module you're importing is exporting types, the import will have types and autocompletion support.
Some npm packages may not ship out of the box types and you may need to import them from a separate package. You can specify their types with a @deno-types directive:
_10// @deno-types="npm:@types/express@^4.17"_10import express from 'npm:express@^4.17'
To include types for built-in Node APIs, add the following line to the top of your imports:
_10/// <reference types="npm:@types/node" />