Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sharing modules in modern web applications

150 views

Published on

Applications have evolved from monolithics to modularized architectures in the latest years and the distribution of packages is a key for development. This talk will give you some ideas how to improve your development workflow using a private registry with Verdaccio.

Published in: Software
  • Be the first to comment

  • Be the first to like this

Sharing modules in modern web applications

  1. 1. Sharing modules in modern web applications Juan Picado Node.js Meetup June 4th 2019
  2. 2. Juan Picado • Front-End Engineer at Mobfox • Maintainer at Verdaccio • 🚚 Vienna 🇦🇹 -> Berlin 󾓨 • @jotadeveloper
  3. 3. You are missing a lot
  4. 4. How a modern JS project looks like?
  5. 5. yarn, pnpm or npm orchestrate the distribution https://twitter.com/ismonkeyuser/status/882117941344567296
  6. 6. Your code is just small part of your Application https://twitter.com/liran_tal/status/1067775376229834754
  7. 7. A modern application is highly modularized
  8. 8. https://www.youtube.com/watch?v=vypCsVm5z28
  9. 9. All packages come from the registry https://twitter.com/bitandbang/status/1134872073896169472
  10. 10. Javascript is the most collaborative ecosystem
  11. 11. npmjs registry https://www.youtube.com/watch?v=QtChaxbsw7U
  12. 12. SHARE
  13. 13. Link a package is not a real publish
  14. 14. Link a package is not a real publish
  15. 15. yarn berry (v2) seems to fix it
  16. 16. npm pack
  17. 17. npm install ./tarball.tar.gz
  18. 18. A classic
  19. 19. Follow Semantic Versioning https://semver.org/
  20. 20. Microsharing
  21. 21. Publishing
  22. 22. Where to publish?
  23. 23. Self Hosted SaaS 💰💰 💰 💰💰 SaaS uses volumed based pricing FOSS
  24. 24. Spam detection
  25. 25. A lightweight private npm proxy registry
  26. 26. Verdaccio is a lightweight proxy and private registry with an entirely optional configuration that allows you to host private Node.js packages and is compatible with all client package managers such npm, Yarn or pnpm.
  27. 27. Installation node >8
  28. 28. Docker and Kubernetes 4.400.000 pulls https://github.com/verdaccio/docker-examples
  29. 29. CLI
  30. 30. Case Study “We ran the math, npm charges $7/customer/mo and every user has to have a paid account; verdaccio can effortlessly scale to hundreds of users and tens of packages a month” “We use it in production on a single DigitalOcean droplet, $5/mo” https://sheetjs.com/
  31. 31. Demo
  32. 32. Verdaccio 4 is here !!
  33. 33. Verdaccio 4 • New User Interface (React) • Change Password • New permission: unpublish • JWT support • New npm commands (star, profile) • Drop Node.js 6
  34. 34. Documentation https://verdaccio.org
  35. 35. Contributors
  36. 36. 10 npm Security Best Practices https://snyk.io/blog/ten-npm-security-best-practices/ Liran Tal @liran_tal Developer Advocate @snyksec | @NodeJS Security WG | @TheSecureDev team https://www.thesecuredeveloper.com/
  37. 37. Keep in Touch • http://chat.verdaccio.org • https://twitter.com/verdaccio_npm • https://github.com/verdaccio
  38. 38. Donate Open Source must be sustainable https://opencollective.com/verdaccio
  39. 39. https://es.slideshare.net/juancarlospicado
  40. 40. Thanks

×