Using npm to Manage Your Projects for Fun and Profit - USEFUL INFO IN NOTES!

  • 597 views
Uploaded on

Presentation for the January node.dc meetup on using npm to manage node projects in general, not just library modules

Presentation for the January node.dc meetup on using npm to manage node projects in general, not just library modules

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
597
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Similar to Ruby’s gem bundler. Closest python equivalent is probably virtualenv, but that also covers virtual environments which in node you get with e.g. nave and Rails with rbenv or similar
  • There are better, more surgical ways to specify you want a release in the 2.x series, but this will prevent you from getting 3.x. This was a useful example from back when 3.x was first put up on npmjs.org and a bunch of stuff in the above list hadn’t been fully ported to it yet
  • Can be dangerous, if 1.4.x or 2.x comes out, it might break you if the API changed
  • Generally should be safe: API should be stable across minor releases, but you will get patches. However, you might want minor release point updates. Only problematic if some early patch versions will not work for you but later ones do
  • Very safe, but means that to pull in later patches that should be compatible, you would have to update package.json to allow it. May be useful if extreme control over environment is desired
  • As long as the package doesn’t break you later in the 2.x series than 2.5.2, this should be safe if you don’t want to get version 3 pulled in on you
  • Reasonable safe and sane option. We’ll get 1.3.3 or greater within the 1.3 series, but not 1.4.x or 2.x. You can do similar for floor within major as well: ~1.3

Transcript

  • 1. Using npm to Manage YourProjects for Fun and Profit Jonathan Altman (@async_io, http://github.com/jonathana) node.dc January meetup 1/23/2013
  • 2. Is This How You Start a Project?• mkdir my_cool_new_project• cd my_cool_new_project• npm init• Alternatively: express my_cool_new_project• Other frameworks probably lay down your npm package.json too
  • 3. It Should Be
  • 4. “But It’s Not a Redistributable Package”
  • 5. Use npm Anyway• You Can Still Keep Your Package Private• Project Package Dependency Management• Automated Retrieval• Automated Updates• Dependency Version Management• Environment-Specific Package Selection• Node Runtime Version Requirement
  • 6. Package Management Without Nodenpm install expressnpm install mochanpm rm expressnpm install -g expressexpress initnpm install qnpm install ...•And now we need to move to production...how exactly? Or a 2nd dev•We just shipped the unit test library to production?!?
  • 7. Read The Fine Manual• There is plenty of documentation on the package.json file, what you can put in it, and what it can do• Check out https://npmjs.org/doc/json.html• npm’s semver package documentation: https://npmjs.org/doc/semver.html• http://www.devthought.com/2012/02/17/npm-tricks/ had some useful tips/tricks as well
  • 8. vagrant@precise64:/vm_src$ express express_example create : express_example create : express_example/package.json create : express_example/app.js[bunch of stuff deleted] create : express_example/public/images install dependencies: $ cd express_example && npm install run the app: $ node appvagrant@precise64:/vm_src$
  • 9. vagrant@precise64:/vm_src/raw_init_example$ npm initThis utility will walk you through creating a package.json file.It only covers the most common items, and tries to guess sane defaults.See `npm help json` for definitive documentation on these fieldsand exactly what they do.Use `npm install <pkg> --save` afterwards to install a package andsave it as a dependency in the package.json file.Press ^C at any time to quit.name: (raw_init_example)version: (0.0.0) 0.0.1description: Example raw npm init for node.dc meetupentry point: (index.js) app.jstest command: mochagit repository:keywords:author: Jonathan M. Altmanlicense: (BSD) ProprietaryAbout to write to /vm_src/raw_init_example/package.json:[package.json contents removed: we’ll cover this in the next slide]Is this ok? (yes)npm WARN package.json raw_init_example@0.0.1 No README.md file found!vagrant@precise64:/vm_src/raw_init_example$
  • 10. vagrant@precise64:/vm_src/raw_init_example$ catpackage.json{ "name": "raw_init_example", "version": "0.0.1", "description": "Example raw npm init for node.dc meetup", "main": "app.js", "scripts": { "test": "mocha" }, "repository": "", "author": "Jonathan M. Altman", "license": "Proprietary"}vagrant@precise64:/vm_src/raw_init_example$
  • 11. Keep Your Package Private• Specify that your project is private in your package.json and it will never get published anywhere"private": true
  • 12. Specifying Dependencies• Add the following item to the JSON in your package.json:"dependencies": {},• Then, start adding dependencies
  • 13. Specifying Global Dependencies"dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 14. vagrant@precise64:/vm_src/raw_init_example$ npm installnpm WARN package.json raw_init_example@0.0.1 No README.md file found!npm http GET https://registry.npmjs.org/q[several tens of lines of download/build deleted]q@0.8.12 node_modules/qejs@0.8.3 node_modules/ejsunderscore@1.4.3 node_modules/underscorerequest@2.12.0 node_modules/requestwinston@0.6.2 node_modules/winston├── cycle@1.0.1[bunch of dependency install lines deleted]├── async@0.1.22└── request@2.9.203vagrant@precise64:/vm_src/raw_init_example$
  • 15. Dependency Version Management"dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 16. Dependency Version Management• npm wants/uses Semantic Versioning--semver, http://http://semver.org/ -- to specify package versions• (and you should too for your own package version numbering)• Logical comparison operators, and some wildcarding, allow you to control which version(s) of a package you want• Review https://npmjs.org/doc/json.html#dependencies for fuller explanations of how the various specifiers work
  • 17. Cap the Version Allowed"dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 18. Specify Floor Version Required"dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 19. Specify Specific Major/Minor Ver."dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 20. Specify Exact Version"dependencies": { "express": "<3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": "= 0.6.2"},
  • 21. Specify Version Ranges"dependencies": { "express": ">= 2.5.2 <3.x" ,"underscore": ">=1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 22. Specify Floor Within Minor"dependencies": { "express": "<3.x" ,"underscore": "~1.3.3" ,"everyauth": "0.2.x" ,"mongoose": ">=2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">= 0.6.2"},
  • 23. Environment Management• If you want to pull packages in for e.g. BDD/TDD or other unit testing, mocking, or anything else where you would not put the dependency in production"devDependencies": { "nock": ">= 0.13.4" ,"mocha": "= 1.4.2" ,"chai": ">= 1.2.0" ,"chai-as-promised": ">= 3.2.2"}
  • 24. Node Engine Version Management• The npm docs highly recommend against doing this, but you can specify the version(s) of the node engine that you want your package to run against--again using semver specifications:{ "engines" : { "node" : ">=0.8.08 <0.9.x" } }• You can also force particular npm versions:{ "engines" : { "node" : "~ 0.8.16", npm: "~1.1.65" } }• Unless you put { "engineStrict" : true} in your package.json, this is all just advisory• Isaac Schlueter says “don’t abuse it, or I’ll remove it”
  • 25. package.json so far:{ "dependencies": { "express": "< 3.x" ,"underscore":"name": "raw_init_example", "~1.3.3" ,"everyauth": "0.2.x" ,"mongoose": "~"version": "0.0.1", 2.4.8" ,"mongoose-auth": ">=0.0.12" ,"ejs": ">="description": "Example raw npm init for node.dc meetup", 0.0.1" ,"request": ">= 2.x" ,"q": ">= 0.8.8" ,"winston": ">="private": true, 0.6.2" }, "devDependencies": { "nock": ">= 0.13.4" ,"mocha":"engines" : { "node" : "~ 0.8.16", npm: "~1.1.65" } }, "= 1.4.2" ,"chai": ">= 1.2.0" ,"chai-as-promised": ">= 3.2.2" }}"main": "app.js", "express": "< 3.x" ,"underscore": "~1.3.3" ,"everyauth":"scripts": { "0.2.x" ,"mongoose": "~ 2.4.8" ,"mongoose-auth": "test": "mocha" ">=0.0.12" ,"ejs": ">= 0.0.1" ,"request": ">= 2.x" ,"q": ">=}, 0.8.8" ,"winston": ">= 0.6.2" }, "devDependencies": { "nock":"repository": "", ">= 0.13.4" ,"mocha": "= 1.4.2" ,"chai": ">= 1.2.0" ,"chai-as-"author": "Jonathan M. Altman", promised": ">= 3.2.2" }}"license": "Proprietary",
  • 26. There’s Plenty More npm Can Do For You• npm is a powerful tool. This is just a quick taste of some of the easiest ways to access its most useful features• Some useful links for getting started were at the beginning of the deck
  • 27. Thank you. Questions?