Geek Answers Handbook

Npm installs many dependencies

I recently bought an HTML template, it contains many plugins located inside the bower_components directory and inside package.js . I wanted to install another package that I liked, but decided to use npm for this.

When I typed:

npc install pnotify

node_modules been created containing about 900 directories with other packages.

What is it? Why were they installed with my package? I did some research and found out that they are needed, but really, do I need to deliver my template to production with hundreds of unnecessary packages?

+7
javascript css npm package
source share
4 answers

This is a very good question, there are a few things I want to point out.

V8 engine, Node Modules (dependencies) and require them

Node.JS is built on a V8 engine, the source code of which is C ++. This means that Node.JS dependencies are based on C ++.

Now that you require you to change the dependency, you are actually removing the code / functions from the C ++ program. How libraries / dependencies are created.

There are many functions in libraries that you will not use

For example, see the express validation module . There are so many functions. When you need a module, do you use all the functions it provides? The answer is no . People need such packages to take advantage of only one advantage, and all functions end up loading, which takes up unnecessary space.

Think of Node dependencies that are made from other Node dependencies as interpreted languages

Example: Javascript is written in C / C ++, these languages ​​are written in assembly. Think of it as a tree. Each time you create new branches for more convenient use and, most importantly, to save time. This speeds up the work. This is a similar situation for creating new dependencies, when people create a new dependency that is require those that already exist, instead of writing an entire C ++ program, because it makes everything simpler.

The problem arises when other NPMs are required to create a new

When dependency authors require other dependencies on here and there only to take advantage of a few (small) advantages from them, they end up loading them all (which they don't care because they prefer to do this than write a new add-on in C ++ explicitly ), and this takes up additional space. For example, you can see the dependencies that the express-validator module uses from from this link.

So, when you have large projects that use many dependencies, you end up taking up so much space for them.

Ways to solve this problem

Number 1

  • This requires some experts from Node.JS. To reduce the number of downloaded packages, a professional Node.JS developer could go to the directories in which the modules are stored, open the javascript files, see their source code and remove functions that they will not use without changing the structure of the package.

Number 2 (which is almost impossible)

  1. You can also create your own personal dependencies written in C ++ that literally take up the least space, but will take up the most time. I do not recommend doing this at all! You need C ++ specialists for this purpose.

Conclusion && Note

So basically there is no way to drop all Node packages, but you can use solution number 1 if you think you can do it, or force someone else to process it. I still think this is not a good idea.

Also, ask yourself this question, do these packages really cause a problem?

+5
source share

No, it makes no sense to add about 900 package dependencies to your project just because you want to add some kind of template. But it is up to you!

The severity of the template does not dispute the node.js ecosystem, but its main npm package system.

It is a fact that the javascript community, as a rule, makes the maximum possible module responsible for one task, and only one. I think this is not bad. But this can lead to a situation where you have a lot of dependencies in your project.

Hard drive memory is currently cheap, and no one else cares about creating efficient / small applications.

As always, it is only a matter of choice.

0
source share

What is the point of delivering hundreds of packages weighing hundreds of MB for several KB projects.

Not.

If you intend to provide it to other developers, simply gitignore (or remove from the general package) directories node_modules or bower_components . Developers just install dependencies as needed;)

If it's something as simple as HTML templates or similar things, node will most likely only make your life as a developer easier by providing live reloads, compilation / forwarding typescript / babel / SCSS / SASS / LESS / Coffee ... (list goes on, P) etc.

And in this case, the dependencies are likely to be only dev_dependencies and will not be required at all in the production environment;)

Also, many packages come with separate production and dev dependencies, so you just need to install the production dependencies ...

 npm install --only=prod

If your project really needs a lot of projects in production and you really want to avoid this, just spend some time and include the css / js files your project needs (this can be a time-consuming task).

Update

Default performance

Most projects have different dependencies on developers and production,

Dev dependencies may include things like SASS, typescript, etc. compilers, uglifiers (minification), perhaps things like live reload, etc.

If there are no such things as a production version that reduce the node_modules directory.

** No node_modules **

On some projects like the html template, you may not need node_modules in production, so you will skip npm install .

No access to node_modules

Or in some cases, when the server that is being serviced exists in node_modules itself, access to it may be blocked (although there is no need to access them from the interface).

0
source share

What is it? Why were they installed with my package?

Dependencies exist to facilitate code reuse through modularity.

... do I need to deliver my template to production with hundreds of unnecessary packages?

This modularity cannot be abandoned so quickly. If you implement require and eliminate dead code, you will lose the benefit of corrections for dependencies automatically applied to your code. You should see this as a form of compilation because ... well ... this is compilation.

However, if you have a license to redistribute all of your dependencies in this compiled form, you will be happy to know that these optimizations are performed by the compiler that compiles Javascript into Javascript. The Closure Compiler , as the first example I came across, seems to be doing advanced compilation , which means you get dead code removal and inline functions ... This seems promising!

0
source share

More articles:


All Articles