Comments (9)
committing node_modules
ensures that THE correct version is used for the dependency, and no anomaly is seen while development and in production. Maybe you're right, will look into this.
P.S. Sorry for late reply, I didn't notice this. Thanks :)
from gdg-trailblazer.
@Dhruvin2910 http://stackoverflow.com/questions/11459475/should-i-check-in-node-modules-to-git-when-creating-a-node-js-app-on-heroku
This is the article I had considered.
from gdg-trailblazer.
Writing vaguely, git should be used as a VCS for source code. The problem being solved by not adding external libraries doesn't exist anymore (not that I know).
I've been using heroku and never faced this npm problem. And as of now, when node is shipped with LTS and npm is very stable, I think you may gitignore that.
Yeah and the issue (potential) I raised will only occur if you npm update
locally (since the versions of dependencies are NOT mentioned exactly (used ^M.m.b)
).
One possible workaround might be hard-coding current (stable) versions of dependencies in package.json
. Because that will prevent deps from updating (specially when an outside collaborator wants to contribute, and he/she doesn't know not to npm update).
from gdg-trailblazer.
I would handle it for you, if you so.
from gdg-trailblazer.
Did you read the answer?
Usually, no. Allow npm to resolve dependencies for your packages.
For packages you deploy, such as websites and apps, you should use npm shrinkwrap to lock down
your full dependency tree:
from gdg-trailblazer.
Yes I read the answer, and they are no longer recommending node_modules folder be committed.
I could not understand the point you were drawing by last comment. So can you just tell me if you are in favor of gitignoring deps or not.
from gdg-trailblazer.
I am in favor of gitignoring deps, but, since this ain't a library, this is a deployable app, we should go with shrinkwrapping, that it is the only way to lock down dependencies here.
from gdg-trailblazer.
I believe, shrikwrapping was not available at the time they suggested committing whole node_modules directory, since that was the only way to lock dependencies. Since we have shrinkwrap now, we should use it to lock down dependencies.
from gdg-trailblazer.
I agree, and I think we should go with shrinkwrapping.
from gdg-trailblazer.
Related Issues (1)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gdg-trailblazer.