RFC: Private installation location for NodeJS modules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello list!

# TL;DR

I'm looking for installation location for node_modules shared
between multiple NodeJS streams without necessarily being visible to
other packages. The current candidate is /var/lib/nodejs/node_modules.

# Longer version

During recent onboarding of nodejs22 package,
we ran into issues with un-bundled WASM dependencies/components
(nodejs-undici/nodejs-cjs-module-lexer packages).
They are currently installed into the default
`%nodejs_sitelib` (/usr/lib/node_modules/);
that directory is a symlink pointing to /usr/lib/node_modules_XY,
where XY is the current default NodeJS stream.

The problem is that I would like to have these components shared between
all streams, without needing for them to be built separately for each stream
unless proven necessary.
But because the un-versioned `/usr/lib/node_modules` is not an actual directory,
I'm forced to use the default stream.
This has several drawbacks:

1.  For other streams, it's tricky (although doable) to point
    the configure script to the un-bundled components.
    Current macros aren't usable, as they are being parametrized by the
    current stream automatically.
2.  Parts of any non-default streams are located in a location owned by
    another stream/package. If you only install non-default stream,
    you would end up with at least 2 `/usr/lib/node_modules_XY` folders on
    your system.
3.  Possibly others. :-)

I can come up with a workaround for most of the drawbacks;
nevertheless, I would prefer coming up with a cleaner solution.

While discussing the problems with more upstream-adjacent colleagues,
they mentioned that exposing the components used by the NodeJS engine
itself fot other packages/apps is generally frowned upon.
While I'm not generally partial to the way any NodeJS application
bundles dependencies, it gave me an idea that could alleviate most of my
problems.

I'm now thinking of making the un-bundled components semi-private,
in the sense that while they will be installed on the system and visible
to any properly configured NodeJS engine, they would not generally be
importable by outside applications:

1.  Instead of /usr/lib/node_modules, use /var/lib/nodejs/node_modules
    for any shared, un-bundled components of NodeJS.
2.  Use that location directly in configure script of any NodeJS engine
    (that part does not use the usual import mechanism for npm modules).
3.  For backward compatibility, the private directories could be
    symlinked to /usr/lib/node_modules_XY, which should make them
    importable by npm.

---

I like this idea, but I would like to hear any opinions
from wider Fedora community.
It's entirely possible I overlooked something important,
and I would rather scrap the idea than commit to something broken.
--
Jan Staněk
Software Engineer, Red Hat
jstanek@xxxxxxxxxx   irc: jstanek

Attachment: signature.asc
Description: PGP signature

-- 
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux