You are not logged in.

#1 2020-05-07 06:39:30

peippo
Member
Registered: 2020-01-13
Posts: 2

npm/node.js packages and file conflicts (single npm pkg == PKGBUILD?)

I’ve now been maintaining this gnome shell extension for a while that has its own node_modules directory, installed into "${pkgdir}/usr/share/gnome-shell/extensions/" which I think is in fact bad practice. It’s not only namcap complaining, but also me myself feeling uneasy with it.
I have been thinking of packaging all of its npm dependencies separately, so they reside in /usr/lib/node_modules/.

Here’s the problem: I obviously want to avoid file collisions between packages, and the way I thought would be best is resolve all dependencies and have one nodejs-* PKGBUILD per one npm package. But this would mean a flood of nodejs-* PKGBUILDs (roughly 150 for the example gnome extension).

What’s your thoughts on the matter? Is there another way I can install the node.js dependencies to a system-wide /usr/lib/node_modules without having potential file collisions? Would it be a practical problem if there’s hundreds of nodejs-* PKGBUILDs on AUR, for me or for anybody else?

Offline

#2 2020-05-10 04:45:17

Awebb
Member
Registered: 2010-05-06
Posts: 6,271

Re: npm/node.js packages and file conflicts (single npm pkg == PKGBUILD?)

I'd have a look at official packages with node_modules folders and npm as a make dep.

1. https://www.archlinux.org/packages/community/any/npm/
2. Look for an ugly node-infested behemoth in the "required by" column. Perhaps atom or caprine.
3. Click on "View the file list for atom" and behold the massive node_modules folders
4. Check the PKGBUILD, too.

The problem with anything Node.js is how version-critical everything can be. Arch doesn't do the "multiple versions of every library" thing, so you'd have to have a fixed version of every nodejs package. Quite often you can't just update a node package inside a project blindly without patching the whole thing. In addition, those node packages can come with their own dependencies, so you'd probably end up with a pretty hefty chain of interdependent packages, that need to be installed in multiple versions.

If my sanity was on the line, I'd let namcap complain all day and just let it slide.

Offline

#3 2020-05-10 09:04:03

peippo
Member
Registered: 2020-01-13
Posts: 2

Re: npm/node.js packages and file conflicts (single npm pkg == PKGBUILD?)

Thanks for your thoughts, and for the idea of looking at how more official packages solve the issue. I’m going to do a bit of a survey I guess.

Awebb wrote:

If my sanity was on the line, I'd let namcap complain all day and just let it slide.

True that!

And yes, you’re absolutely right: the npm dependency model with version-specific dependencies is just inherently incompatible with a rolling-release packaging strategy. Haven’t really looked at it from that angle, mostly because for Python/PyPi dependencies things are not so strict: patching a package’s requirements.txt to allow newer versions of its dependencies hardly ever breaks things.

My next steps are going to be to indeed look at how official packages deal with node.js dependencies. I’ll report back here for future reference.

Last edited by peippo (2020-05-10 09:04:25)

Offline

Board footer

Powered by FluxBB