Module dependencies

[vattenapa]

Hey, I'm looking at the possibility to adopt this module in our decoupled projects. With the addition of API-based ISR invalidation in Next.js I think consolidating efforts makes sense.

We're using drupal/graphql with queries to handle route matching and permissions. I don't want to enable the modules that this module lists as dependencies, nor do I see why the project has these deps(?)

Does moving the dependencies to documentation for how to use the module together with next-drupal instead of being explicit dependencies make sense?

[shadcn]

This has been requested twice this week so we are definitely looking into this.

The idea for the initial release was to make it as easy as we can to get started.

Which modules are you not using?

[vattenapa]

The only module we're using that's in the dependencies is simple_oauth but technically you shouldn't need that either if you were only exposing public data. Afaik the only thing we need to define in the next module is the preview secret, which is just a string, right?

[shadcn]

If you're only using public data, you're right you don't need simple_oauth. However the preview works with unpublished entities and revisions which need authentication (unless this is public too).

subrequests and decoupled_router are needed as well. On the Next.js site we use subrequests to stitch http calls together and decoupled_router to translating path to uuid for JSON:API.

[vattenapa]

preview works with unpublished entities and revisions which need authentication

This is an implementation detail in your frontend/backend if you're not using next-drupal

we use subrequests to stitch http calls together and decoupled_router to translating path to uuid for JSON:API

I saw this when checking the next-drupal codebase. However drupal/next doesn't need any of these modules to provide it's functionality.

I understand this is how a lot of people use the combination of NPM package + Drupal module. I raised the issue to ask for flexibility in the drupal-module for people not using JSON:API, and/or not using next-drupal.

[shadcn]

OK I see what you mean. We do have a next_jsonapi sub-module where we could abstract most of the JSON:API functionality.

How are you handling authentication for GraphQL?

(This is good feedback. Appreciate it)

[vattenapa]

We do use simple_oauth for authentication in previews (unpublished content/different revisions for editors) as well as user authentication so it's not too much of a different setup.

[backlineint]

If it isn't possible to completely resolve this by moving dependencies around, it might also be possible leverage recipes in Drupal >= 10.3 to make it possible to configure these dependencies by default, but still make them uninstallable.