On 1/19/21 4:50 AM, slb wrote:
Hi,
Just some info: Fedora will drop those gillionish nodejs packages entirely in next version, and endorse the "vendoring"[0]. Debian discussed it too recently [1]
[0] https://fedoraproject.org/wiki/Changes/NodejsLibrariesBundleByDefault https://fedoraproject.org/wiki/Changes/NodejsLibrariesBundleByDefault [1] https://lwn.net/SubscriberLink/842319/8adb13e08d0302bd/ https://lwn.net/SubscriberLink/842319/8adb13e08d0302bd/
Hi all, Indeed. I was always against doing "simple" things like npm2rpm - it's just an exercise in repackaging from one container to another. It's busy work that is actually detrimental to user experience. In case of NPM packages, the user experience is to be able to run `npm install` `npm install` requires network, but it can be run against a localhost network and hence the idea of just having a simple registry on localhost that contains all the required packages. Done. I can say the problem has been solved although implementation is WIP. There are two other problems that need resolutions to be able to actually contribute positively to the current NPM ecosystem. 1. how to provide security updates for released NPM modules? (conceptually solved) 2. how to rebuild/update packages that BR these NPM modules. I think this will require a special OBS service. Anyway, the future of NPM in openSUSE looks more like NPM than RPM. And for applications that require NPM to build their RPMs, the target process will have to be more transparent than opaque. More to come. - Adam