
Hey, On 29.09.20 17:59, Ludwig Nussel wrote:
I'm trying to build a package from source that uses npm modules. Doing so involves more than one thousand(!) upstream tarballs. In the hope to make that more manageable I wrote a PoC script¹ to produuce a file includable from the spec and to also download the tarballs.
I have the feeling you are reinventing the vendoring NPM provides. The `node_modules` directory is most likely already the result of the `package.json` file shipped with the software you are trying to package. npm install's default behavior is to install packages locally, just for your app into the `node_modules` directory. You can also choose to install npm packages globally (to the system so to speak) with the `npm install -g` option. Now you have a decision to make: Either you ship in your RPM package the vendored (local to your app) dependencies. Which would "just" require tar'ing up the `node_modules` directory with all the dependencies in it, unpack it during the build and make that accessible for your app. This is the strategy services like `bundled_gems`, `cargo_vendor` or `go_modules` follow. Or, and I guess for a distribution this would be the correct way, you package all of the dependencies of your npm based software also as RPM packages. Guess you can automate this to a certain degree as we do with rubygems. People before you have gone through this :-) -> https://github.com/theforeman/npm2rpm -> https://docs.fedoraproject.org/en-US/packaging-guidelines/Node.js/ Henne -- Henne Vogelsang http://www.opensuse.org Everybody has a plan, until they get hit. - Mike Tyson -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org