-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bundling #15
Comments
On 09/16/2015 10:20 PM, Jérémy Lal wrote: An excellent summary - thanks Jeremy!
So the resulting install of the Debian package (except for the location) Cheers, Ross |
Well, almost exactly yes - with the little variation that the modules should be "deduped" if we want |
Just came across this interesting use case: in this use case, "stream-utils" is not an upstream bundle with a bundle version, so it's up to debian to use an artificial incremented version number whenever one of the bundled module need to be updated. |
More information about how debian/watch is used: |
can this be manually achieved by performing this in the packaging repo
given the very low frequency that modules are bundled nowadays and that we 're actively trying to unbundle (as in |
Update: using pkg-components >= 0.10 i've setup an example with node-tar 4.4.1+ds-2, |
now that the accepted procedure for bundling seems to be https://wiki.debian.org/Javascript/GroupSourcesTutorial, npm2deb could support it the tool could automatically detect which modules are not yet in Debian, and:
user should then need to:
step 1 could even be made semi-automatic:
|
Hi,
long time no talk !
Here are some notes about bundling
Command:
npm2deb bundle ...
where either has no version, in which case the latest
satisfying package.json is used (this is the preferred form), or
is written as mymodule@myversion.
Q what is bundling
A we want to be able to get the upstream tarball of a node module,
the upstream tarballs of a specific list of sub-modules,
extract each one of those sub-modules in node_modules/
and repack a new upstream tarball
Q is there any difficulty of doing so ?
A if all modules have a "repository" field in their package.json, and if
that repository has tagged releases, it's easy.
Q what happens when a sub-module has a more recent version available ?
A bundling is a modification of the upstream release, and as such, should
be written somehow in the upstream version number, typically with a version
bundle number, like 1.2.3
bundle1.dfsg1+bundle1.Should the tarball exclude some files, it could be written as 1.2.3
So when a sub-module is upgraded, the suffix after bundle must be incremented.
Q then bundling must keep track of which versions are in the bundle - how to do it ?
A mainly by comparing what is going to be in the new bundle with what is currently
in the bundle ! All node_modules//package.json define the current version
of each module ! If the new bundle has any change, increment its number by one.
Q how to watch sub-modules new releases ?
A you don't really care - it's upstream's job to do that
Q really, i fear that many modules won't ever update their bundled sub-modules
if no automatic tracking of updates is available
A well, if we really want that feature, then an upstream tracker service must
do that job. The list of submodules should be written in debian/watch.
Q how to install the bundled modules ?
A just debian/install
node_modules usr/lib/nodejs/
Q in which cases bundling is justified ?
A this is not made to avoid packaging work !
bundling is useful when four of five of those conditions are met:
despite it being possibly useful
it will ever be.
to use the alternative is too complicated, too much work, and upstream won't
accept any patch regarding a change to using that other better module.
Mind that
the upstream tarball of each submodule (and not just a part of it) is included,
so it asks for more copyright review work.
because it's easier and cleaner to maintain and update.
different incompatible versions. Usually it's fixable but sometimes bundling
could save a maintainer life.
case above).
The text was updated successfully, but these errors were encountered: