- They must be updated manually
- They are minified, so they should not be tracked by git
In some personal projects, especially with iTasks-electron, I use a package.json to manage dependencies, and I add symlinks from
node_modules, which is where
npm keeps vendor files. This works fine on Linux, because the web resource collector copies the content of the target of the link, but it's not really an option on Windows where it takes quite some effort to set up git with symbolic links.
Perhaps we can come up with a solution where you can add a file
WebPublic-node_modules.jsonl, with content like:
["copy", "leaflet/leaflet-window.css", "css/leaflet-window.css"] ["copy", "leaflet/leaflet-window.js", "js/leaflet-window.js"]
The web resource collector should treat this file specially and copy the files listed in it from
node_modules. (I don't envision another use case than copying, but suggest a JSON array where the first element is a command so that we can extend this later.)
We can then create a
package.json for iTasks which contains the dependencies needed for leaflets, pikaday, etc., so that applications only need to require iTasks in their
package.json. The npm package for iTasks can be a meta-package, i.e. it would be empty and only be there to group its dependencies.
This proposal has the main drawback that you need to have
npm installed and run it at least once to fetch the dependencies. This will mainly be problematic for Windows users. We can however add a CI job to create a
node_modules.zip archive which you can download instead of running
npm yourself. We could also let the web resource collector collect files from a
node_modules directory in any directory in the include path, so that we can create
$CLEAN_HOME/lib/iTasks/node_modules in builds. Applications then only need to create their own
package.json if they require additional dependencies.