NPM Draft only !!! - LearningRbcRegistry/Wiki GitHub Wiki

NPM - DRAFT - Bour Antoine oct/16

• What is NPM

• First: NodeJs.

since 2010 and chrome with V8 motor, there exist a lot of javascript libraries: Javascript interpreter on server side (like java/php..) (no need of browser)

• Before NodeJs and V8 Chrome Motor: Read js then interpret it each time that usefull
• After: JIT compilation (code inlining, copy elision, not the topic for me)

• Understand NodeJs

  npm config get prefix : get NPM path
  

  Latest version is not installed with nodeJs ; I have updated it : npm install npm@latest -g

• command: "node" in order to have an interactive interpreter a javascript output console.

• NodeJs base on events and is small. It is extended thanks to modules (require('http') -> call http.js ( module/library from node.js)) (uploaded file management modules, SQL modules, template modules...)

• require('./mymodule') -> refer to my own module in the same folder.. if my module is in the parent folder: ../myModule

• if i want to write require('myModule') then the mymodule.js has to be in node_modules folder from my node installation

• In a module the rules are the following:

• The functions that needs to be exported have to be explicitely contains the word "exports"

A lot of module/packages exists. NPM is managing them for me:

• https://docs.npmjs.com/getting-started/creating-node-modules
• npm is installed by default with nodeJs
• npm search xxxx > search all modules containing xxxx
• npm install > local install

If I do npm install xxxx in my project, a node_module folder will be created and the content of this install pushed inside it.

Without the following options, the installed libraries are not linked to the current module:

	 --  save :  dependencies
	 --  save-dev : devdependencies

• If I have multiple project it's important to install my module in the nodeJsFolder. Take Care!!! But doing so, they can not be imported in the project, they can only used via the command line

• The module documentation is interessant to read, some of modules allows to use the command globally without using nodeJs.

• Npm update : check updates on modules. Don't break compatibility and delete old versions

• In a big app, installing the modules 1 by 1 :

  •   is not easy to maintain
    

  •   the compatibility between them in case of evolution is not verified
    

  • package.json file allow us to declare the whole list of dependances of the wished project.

  • A package.json is identified by :

  	    {
  			    "name": "mon-app", (avoid spaces, special car..)
      			    "version": "0.1.0", (major, minor, patch)
      			    "dependencies": {
          			 			   "markdown": "~0.4"
      					  }
  		}

• ~0.4 » indicates that I accept updates fom 0.1 to 0.9

• ~0.3.4 » indicates that I accept updates from 0.3.0 to 0.3.9

• without ~, only the indicated version is used !

• 1.0.0 to 1.0.1 ? Minor Release. Only new function , no regression

• so If I accept from 1.0.0 to 1.0.9 (Only minor releases) then :

• ~.1.0.0 So I only accept patch.

• ~.1.0.4 >= 1.0.4 and < 1.1

• 1.0.0 to 1.1.0 (an not 1.0.0 to 2.0.0) :

• 1 = 1.x = ^1.0.4

• MAJOR version when you make incompatible API changes,

• 1. MINOR version when you add functionality in a backwards-compatible manner, and
• 2. PATCH version when you make backwards-compatible bug fixes.

• If we repect the model MAJOR.MINOR.PATCH : - The tilda allows patch changes only. = ~1.2.3 = (>=1.2.3 and < 1.3.0) - the caret allows minor changes only : ^1.2.3 := ( >=1.2.3 <2.0.0

npm version patch : patch a module

• tilda ranges: patch change
• ^ (caret range) minor
• • (star or x ranges) major
• 1.x.0 ? 1.0 to 1.9
• They don't use comparator or range in the agile lab. ,>=, <= ...

• Contains a git url (for publish): npm install semver

• Npm init : https://docs.npmjs.com/getting-started/using-a-package.json

• dependencies section : packages required in prod.

• DevDependenvies : only dev and testing.

• More about package.json : https://docs.npmjs.com/files/package.json

• publish in Npm my own developped module : I need a package.json with the details of my version, name + dependances) + readMe.md

• Now that we have a package.json, each npm install module will push a dependency in the package.json

• then : npm adduser (or npm login) https://docs.npmjs.com/getting-started/publishing-npm-packages

• npm publish

• npm outdated : check if version out of date

• npm update : update a version

• npm uninstall xxxx ? uninstall from node_module

• npm uninstall lodash –save ? uninstall from wished package.json

• npm install -g jshint ? this install in my global node_module (for cmd shell) and gives this accessible through the console. Be careful hier, « npm config get prefix » give the path where this module is installed !!!

• To uninstall : npm uninstall -g jshint

• globallw : CLI

• locally : package.json

• npm update -g will update all global packages.

• Exemples of packages : Tags can be used in complement : https://docs.npmjs.com/getting-started/using-tags

• scope packages : https://docs.npmjs.com/getting-started/scoped-packages

• scope package = private module = paid user

###Package What is a package?

• A package (.json) is any of: - a folder containing a program described by a package.json file - a gzipped tarball containing (a) - a url that resolves to (b) - a @ that is published on the registry with (c) - a @ that points to (d) - a that has a latest tag satisfying (e) - a git url that, when cloned, results in (a). - Contains a script definition (for installation or compilation scripts)

A module is anything that can be loaded with require() in a Node.js program. The following are all examples of things that can be loaded as modules: A folder with a package.json file containing a main field. A folder with an index.js file in it. A JavaScript file. Most packages are modules

###Dependencies between project : ###

Project C uses A and B A use D.1.0.0 and B use D.2.0 ? NodeJs is able to use correctly the version ; the package manager loads them as a tree. The both are loaded. https://docs.npmjs.com/how-npm-works/npm3-dupe

npm3 does not install dependencies in a deterministic way.

Working on local you will probably have a tree that is not the same at the end that what will be deployed in QA. Why ? In you local you have done it step by step, in QA,it will be a one shot.

INSTALL ORDER IS IMPORTANT : FIRST

Non determinism ? put Exemple

2 words about : private modules and organisation

There is norm to respect « Npm Style » : https://docs.npmjs.com/how-npm-works/npm3-dupe

• user of comma, semi columns, indentation...
• User asynchronous version of things as much as possible
• Create an Error Object for the messages
• Respect the indicated case
• Don't set variables to 'undefined'
• use npmlog for logging

Config : https://docs.npmjs.com/how-npm-works/npm3-dupe Variable that starts with npm_config_ are interpreted as configuration parameter. They are not case sensitive

npm_config_test = « hello » will create a test variable in the config files : a configuration file is a .npmrc file

how to list config files : npm config ls -l

Configuration are comming from :

• Command line
• Environnment variables npm_config_foo
• npmrc files (project / user config / glob config / npm fuiltin config)
• Config tag can be defined in package.json

In the config, it's easy to store :

• Default values for boolean...
• engine-strict : compatibility strict with nodejs
• default editor (uedit, sublime..)
• dev : to know if dev dependencies hav to be installed
• depth : number length
• cert : client certificate
• cache informations
• …

.npmignore file : exclude some stuff

.gitignore file : exclude from git

Rules : ? Like other repo, before to publish it has to run locally

Scopes : way to group related package together.

a scoped package is installed on the subfolder of the regular installation folder : node_modules/@myscope/mypackagename

They are installed in a subpackge, so they are to be imported : require('@myscope/mypackagename')

how to install : npm instal @myscope/mypackagename or in dependency part of package.json

Scope can be associated with a separated registry

###Command Line Interface:###

npm cache : handle the cache folder from NPM
deprecate : npm deprecate nodetest@"0.1.1" "deprecate test" (only if auth usr)
dedupe : clean the package tree
npm edit : edit the package folder

Goal (Established by Riccardo)

• Create a simple console output indicating the folder content.
• git repository of small work: ???
• https://www.npmjs.com/package/image-size
• npm install image-size --save

Export in local : Creation of a second project. I will name it the root project : in this project folder, use the link (based on name indicated in package.json from npmproject

create a file index.js

Now I have 2 projects. How to git them ? npm test : start the test script defined in package.json

"test script": todo

• https://www.npmjs.com/package/yarn

• https://yarnpkg.com/

• https://yarnpkg.com/en/docs/usage

• https://yarnpkg.com/en/docs/

• Maven ? Maven repo
• Maven : 1 pom file : easier to understand
• NPM : dependances in all pakage.json + eventually node_module
• Maven : plugins ans combinations of plugins can be difficult to tune/support in case of issue
• npm : scripting makes tuning easier.
• Maven doesnt allow multiple version of package. It's possible with NPM.
• (Maven = java and the class loader doesnt allow multiple class definition)
• Maven has a flat dependy tree. With NPM it can be nested.
• Maven is older than NPM : more maturity, more options, more users, more maturity
• Maven lifecyle easy to read