From mboxrd@z Thu Jan 1 00:00:00 1970 From: swedebugia Subject: Re: NPM importer Date: Fri, 23 Nov 2018 20:50:36 +0100 Message-ID: References: <70F182DB-C157-4763-A4C6-89985545661C@lepiller.eu> <0e5afb2d-c182-6be4-ba2d-6a6f7dd45ac9@riseup.net> <1150DF84-4952-4401-A8D0-3E05A4D0EB74@lepiller.eu> <23f36a0d-a5ef-5457-1d8e-61fbebda91c4@riseup.net> <87zhu3b41w.fsf@gnu.org> <87va4qxf8e.fsf@posteo.net> <62a1a976-ed2f-a68d-0aa8-d6fb6bd46c14@riseup.net> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:53515) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gQHNd-0000QV-IX for guix-devel@gnu.org; Fri, 23 Nov 2018 14:44:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gQHNZ-0005Lp-Se for guix-devel@gnu.org; Fri, 23 Nov 2018 14:44:45 -0500 In-Reply-To: <62a1a976-ed2f-a68d-0aa8-d6fb6bd46c14@riseup.net> Content-Language: en-US List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Brett Gilio , Mike Gerwitz Cc: guix-devel@gnu.org On 2018-11-22 02:02, swedebugia wrote: > Hi > > On 2018-11-22 00:22, swedebugia wrote: > snip > >> A graph of all npm packages and top packages is also available: >> https://exploring-data.com/info/npm-packages-dependencies/ This graph is in-degree and does not consider versions. It is useful only to see the relative popularity of libraries. It does not reveal the out-degree which is what we are interested in: recursive dependencies (given x what does it take to build x? build and test x?) Also it leaves out any information about licensing. It would be nice with a graph of which npm packages has which licenses with licenses as vertices/nodes and packages as edges. snip > > See also the issue I created here: snip > And similar here: https://github.com/jashkenas/underscore/issues/2790 Got an answer which is good news for building and bad news for testing: "devDependencies": { "coveralls": "^2.11.2", // NOT NEEDED: Posts coverage reports to converalls.io "docco": "*", // NOT NEEDED: Builds docs "eslint": "1.10.x", // Needed for linting (not sure if you think of linting as part of testing) "gzip-size-cli": "^1.0.0", // NOT NEEDED "karma": "^0.13.13", // Needed for testing "karma-qunit": "~2.0.1", // Needed for testing "karma-sauce-launcher": "^1.2.0", // Needed for testing "nyc": "^2.1.3", // Needed for testing "pretty-bytes-cli": "^1.0.0", // NOT NEEDED "qunit-cli": "~0.2.0", // Needed for testing "qunit": "^2.6.0", // Needed for testing "uglify-js": "3.3.21" // Needing for building }, In summary direct devdeps: 1 needed for building, 6 needed for testing. uglify-js is a minifier used in a lot of projects and the only one needed for this specific project. For packages like this we could probably patch the package to skip the minifying step and let the user choose which minifier (if any) to use. In this particular case the minifier compacts the code from 57KB -> 17.6KB. The most important thing I think is to be able to start packaging this mess so cutting an arm and a leg in the beginning (= skip minification and testing is warranted in my view). In this case the only thing left to do to package underscore is to: 1) name it: e.g. node-underscore (like debian) 2) decide whether to delete the minified upstream or not in the guix package. Hooray! -- Cheers Swedebugia