svn commit: r440978 - in head: devel devel/npm-amdefine devel/npm-clean-css devel/npm-clean-css/files devel/npm-commander devel/npm-commander/files devel/npm-graceful-readlink devel/npm-source-map ...

Adam Weinberger adamw at adamw.org
Tue May 16 15:23:23 UTC 2017 

> On 16 May, 2017, at 2:57, Rodrigo Osorio <rodrigo at osorio.me> wrote:
> 
> On 05/16/17 00:27, Adam Weinberger wrote:
>>> On 15 May, 2017, at 16:05, Rodrigo Osorio <rodrigo at FreeBSD.org> wrote:
>>> 
>>> Author: rodrigo
>>> Date: Mon May 15 22:05:46 2017
>>> New Revision: 440978
>>> URL: https://svnweb.freebsd.org/changeset/ports/440978
>>> 
>>> Log:
>>>  Add npm-less-plugin-clean-css a www/lesc tool pluggin and its dependencies
>>> 
>>>  www/npm-less-plugin-clean-css: Compresses the css output from less using clean-css
>>>  ` devel/npm-clean-css: Fast and efficient CSS optimizer for node.js and the Web
>>>    ` devel/npm-source-map: Parse and consume source maps
>>>    | ` devel/npm-amdefine: Implementation of AMD's define() in Node
>>>    ` devel/npm-commander: node.js command-line interfaces made easy
>>>      ` devel/npm-graceful-readlink: Graceful fs.readlink
>> What do all these ports do that npm doesn't already do, especially given that this will cause breakage for everybody with any of these modules installed globally?
>> 
>> # Adam
>> 
>> 
> Hi Adam,
> 
> That's npm dependencies that need to be packages properly, I'll feel unsafe if the port
> relies on npm to download external sources from github during the packaging, without
> checking the integrity.
> 
> Of course, this could be an issue for peoples who deploys npm packages on their own,
> but how can we handle this ? Maybe dep search path should be set manually if you
> install unpackaged npm tools ?
> 
> I run a quick test, but apparently node uses in tree dependencies before global.
> 
> Cheers
> -- rodrigo

The point is that clean-css is already installable by "npm install clean-css" or "npm install -g clean-css". The reason there were no node modules in the ports tree is that npm handles node modules better, manages dependencies automatically, and doesn't break things.

My gut feeling is that these ports are not a good idea. There's currently no policy about node modules, so you didn't do anything wrong by adding them, but I don't think these ports are beneficial.

# Adam


-- 
Adam Weinberger
adamw at adamw.org
https://www.adamw.org

More information about the svn-ports-all mailing list