arikon
commented
12 years ago npm install (without --dev) will also download dependencies from the npm registry.
Do you have an idea how to tell npm install not to download any packages?
Open kapouer opened 12 years ago
arikon
commented
12 years ago npm install (without --dev) will also download dependencies from the npm registry.
Do you have an idea how to tell npm install not to download any packages?
kapouer
commented
12 years ago I don't. i was surprised you used npm in debian/rules. If npm doesn't provide an option to "make install" without resolving dependencies, then we should ask Isaac Schlueter if he could add one. If he can understand how it's useful then he'll probably add it.
arikon
commented
12 years ago I tried one year ago ;) isaacs/npm#340
arikon
commented
12 years ago Btw, I don't like the idea to convert every dependency to its own debian package. We tried to live this way at Yandex and it was a hell =(
npm has quite a good solution to the conflicting debian approach — bundle all deps to node_modules folder of package.
Think of it as a static compiling as of binary code.
kapouer
commented
12 years ago Having shared dependencies is an inevitable constraint of doing debian packages. In the general case each dependency should be a package too; and of course, sometimes exceptions happen. (think of software xxx that forks its bundled library yyy too much to be backported to the shared yyy lib). Bundling node_modules simply won't make it to debian repository.
arikon
commented
12 years ago Just look on the output of npm ls on real package I'm working on. How would you solve it with debian packages?
bash-3.2$ npm ls
/Users/arikon/projects/bem/bem-bl-test
├─┬ bem@0.2.6
│ ├── coa@0.3.4
│ ├─┬ q@0.7.2
│ │ └── event-queue@0.2.0
│ ├── q-wrap@0.0.1
│ └── qq@0.3.3
├── inherit@1.0.0
├─┬ proto@0.0.0 -> /Users/arikon/projects/bem/sandbox2
│ ├─┬ coa@0.3.4
│ │ └─┬ q@0.7.2
│ │ └── event-queue@0.2.0
│ └─┬ qq@0.3.4
│ └─┬ q@0.8.2
│ └── event-queue@0.2.0
└─┬ qq@0.3.4
└─┬ q@0.8.2
└── event-queue@0.2.0 And it is not the worst case I've seen.
kapouer
commented
12 years ago On this example, software depending on q must be patched to support using version 0.8.2
arikon
commented
12 years ago What if that software is relatively big? What if one package depends on many packages that use different versions of the same lib? All must be patched? That could be a huge amount of work.
kapouer
commented
12 years ago oh yes, it is. That's why npm2debian could be handy :)
arikon
commented
12 years ago To make it clear, what packages (and what versions) should generate npm2debian in this comment?
kapouer
commented
12 years ago Only one (bem-bl-test), it's up to npm2debian user to generate and solve the barbarian dependency hell. It would populate its debian/control Depends field with bem>=0.2.6, inherit>=1.0.0, proto>=0.0.0, qq>=0.3.4. The user task is then to package in turn each of those, resolving problems like you mentionned, step by step until having all leaf packages available.
In generated ./debian/rules, npm install --dev
will, in the general case, ask npm to download dev dependencies and install them in local ./node_modules. This cannot be done in debian/rules. The dev dependencies must be listed in debian/control Build-Depends field.
Considering the current state of npm2debian, it might be wiser to report automatic testing to a later version ?