angular-cn/npm-shrinkwrap.readme.md

52 lines
3.1 KiB
Markdown

All of our npm dependencies are locked via the `npm-shrinkwrap.json` file for the following reasons:
- our project has lots of dependencies which update at unpredictable times, so it's important that
we update them explicitly once in a while rather than implicitly when any of us runs npm install
- locked dependencies allow us to do reuse npm cache on travis, significantly speeding up our builds
(by 5 minutes or more)
- locked dependencies allow us to detect when node_modules folder is out of date after a branch switch
which allows us to build the project with the correct dependencies every time
We also generate `npm-shrinkwrap.clean.js` file which is used during code reviews or debugging to easily review what has actually changed without extra noise.
To add a new dependency do the following:
1. if you are on linux or windows, then use MacOS or ask someone with MacOS to perform the
installation. This is due to an optional `fsevents` dependency that is really required on MacOS
to get good performance from file watching.
2. make sure you are in sync with `upstream/master`
3. ensure that your `node_modules` directory is not stale by running `npm install`
4. add a new dependency via `npm install --save-dev <packagename>`
5. run `./tools/npm/reshrinkwrap`
6. these steps should change 3 files: `package.json`, `npm-shrinkwrap.json` and `npm-shrinkwrap.clean.json`
7. commit changes to these three files and you are done
To update existing dependency do the following:
1. if you are on linux or windows, then use MacOS or ask someone with MacOS to perform the
installation. This is due to an optional `fsevents` dependency that is really required on MacOS
to get good performance from file watching.
2. make sure you are in sync with `upstream/master`: `git fetch upstream && git rebase upstream/master`
3. ensure that your `node_modules` directory is not stale by running `npm install`
4. run `npm install --save-dev <packagename>@<version|latest>` or `npm update <packagename>` to
update to the latest version that matches version constraint in `package.json`
5. run `./tools/npm/reshrinkwrap`
6. these steps should change 2 files: `npm-shrinkwrap.json` and `npm-shrinkwrap.clean.json`.
Optionally if you used `npm install ...` in the first step, `package.json` might be modified as
well.
7. commit changes to these three files and you are done
To Remove an existing dependency do the following:
1. if you are on linux or windows, then use MacOS or ask someone with MacOS to perform the
installation. This is due to an optional `fsevents` dependency that is really required on MacOS
to get good performance from file watching.
2. make sure you are in sync with `upstream/master`: `git fetch upstream && git rebase upstream/master`
3. ensure that your `node_modules` directory is not stale by running `npm install`
4. run `npm uninstall --save-dev <packagename>@<version|latest>`
5. run `./tools/npm/reshrinkwrap`
6. these steps should change 3 files: `npm-shrinkwrap.json` and `npm-shrinkwrap.clean.json`.
7. commit changes to these three files and you are done