Question about bundling dependencies...

[nickgrealy]

I've had a look at this document -> https://github.com/developit/microbundle/wiki/How-Microbundle-decides-which-dependencies-to-bundle#2-i-dont-want-to-bundle-a-dependency...

And this issue, posted by @evocateur in https://github.com/lerna/lerna/issues/1575#issuecomment-420380754

And have some questions about bundling...

---

In the following example, how would I configure all 3x separate dependency scenarios?

Is it possible to explicitly define what gets ignored/inlined/externalised?

e.g.

1. mocha - used for testing (or compilation), should not be bundled (typically under devDependencies)
2. axios - is an "external" dependency (typically under dependencies)
3. crypto-js - is an "inline" dependency (typically under dependencies)

package.json

"dependencies": {
    "axios": "^1.2.3"  // will be require()'d by dist/index.js (option #2)
},
"devDependencies": {
    "crypto-js": "^1.2.3"  // gets bundled into dist/index.js (option #3)
}

---

On a side note:

The Microbundle configuration is confusing - it doesn't seem to offer a way to exclude a group of dependencies, and doesn't align with NPM conventions...

"devDependencies": Packages that are only needed for local development and testing.

Reference: https://docs.npmjs.com/specifying-dependencies-and-devdependencies-in-a-package-json-file

[rschristian]

Is it possible to explicitly define what gets ignored/inlined/externalised?

Unfortunately no, though that might be a good idea. You will more or less need to understand the dependency rules / the --external flag.

mocha - devDep axios - dep crypto.js - devDep

Anything under "dependencies" is assumed to be external. Anything under "devDependencies" is not.

Now, just because a library is listed as devDep doesn't mean it's going to be inlined into your bundle. You'd still have to actually use it, and it's not likely you're going to be consuming your dev tools from your package entry point.

The Microbundle configuration is confusing - it doesn't seem to offer a way to exclude a group of dependencies, and doesn't align with NPM conventions...

"devDependencies": Packages that are only needed for local development and testing.

What do you think doesn't align?

If you want to inline a dependency, such as crypto.js in your example above, it's a devDepenendcy as it's not going to be depended on once published.

[nickgrealy]

Ok thank you... I think this is the part I was missing:

Now, just because a library is listed as devDep doesn't mean it's going to be inlined into your bundle. You'd still have to actually use it, and it's not likely you're going to be consuming your dev tools from your package entry point.

Correct me if I'm wrong, but I can't see any mention of this behaviour in this document - https://github.com/developit/microbundle/wiki/How-Microbundle-decides-which-dependencies-to-bundle#2-i-dont-want-to-bundle-a-dependency

Is it worth mentioning, that microbundle only inlines dependencies that are actually used in code?

[rschristian]

To be honest, you're the first person I've come across that didn't have that expectation. A tool that inlines dead code sounds... not great.

[nickgrealy]

Yeh, totally agree. I was reading through the docs last night and wasn't aware that it was excluding unused deps for me (which is a good thing!).

Question answered.

I'm just suggesting that we add it to the docs in case someone else has the same question.

[rschristian]

Agreed, and I do really like the ideal of being a bit more explicit with how deps are treated. Now that you mentioned it the devDeps -> inlined is bothering me a bit 😅

I think I'll try to get some thoughts in order/plan for how to improve and create a new issue for tracking that. Don't necessarily want to make the ReadMe or wiki longer than they already are, but more info probably couldn't hurt.