bendrucker/angularjs-stripe

Include release package in npm registry

Closed this issue · 3 comments

I like that you include your source in your published npm package, but could you also include the same release files that you include in your bower package for those of us who no longer want to depend on bower?

I appreciate your consideration! Thanks!

Hi, I don't publish the release files to npm. Basically I was willing to publish build files to bower since it doesn't support deep dependencies. WIth npm I want people dynamically downloading the dependencies so when I (or another dev) release a bug fix on a dependency new downloads receive it automatically. Build files make extra work for me and eventually I intend to eliminate them entirely. When I do that I'll probably add a wzrd.in button and some instructions on how to download and save if desired.

JWess commented

This basically means that anyone not using a module loader cannot use your npm package. I'm a little confused why this would be the case. An NPM package is for others to refer to and use/depend on. If you npm install angularjs, you don't end up with a bunch of source code. You get just a folder with a handful of files, including angular.js, angular.min.js, index.js, and package.json.

You said above that you want people dynamically downloading your new bug fixes as you release them, but this is not something that real life production systems want to happen. If I'm running an ecommerce site that depends on npm packages, I will likely be using npm-shrinkwrap so that I can be certain my production environment will be using the exact versions of npm packages (and their dependencies) that were tested all the way up the pipeline (dev, test, staging, etc.). I wouldn't want any of my dependencies to change without me choosing to update my package.json to point to the new version and then re-test before pushing to prod.

Please help me if I'm missing your point. I'm not trying to sound snooty, I'm just trying to understand why you wouldn't want to do this.

Locking this because I'm not interested in a discussion but I can give you a quick answer:

This basically means that anyone not using a module loader cannot use your npm package

Not really, I'm just not concerned with people using npm without a module loader. npm is full of JavaScript packages meant to be used with require. Most of them need a module loader to be useful. Angular isn't composed of modules to begin with so they just chose to treat npm as a generic artifact store. This project is composed of true modules and so I want to use npm's dependency features.

I will likely be using npm-shrinkwrap

As you should be. People who install for the first time should get the latest version of dependencies. If I update a dependency I should not be obligated to run a build here to get that change out to users.

npm + bundler users get the best experience with full control over their modules (locked down if they want but with updates when they want). The release/ file is just there for novice users/simple projects.