Remove node_modules from the repository and ignore it

Question

Remove node_modules from the repository and ignore it

Closed this issue 9 years ago · 3 comments

Should I check my node_modules folder into git?

Usually, no. Allow npm to resolve dependencies for your packages.

For packages you deploy, such as websites and apps, you should use npm shrinkwrap to lock down your full dependency tree:

https://docs.npmjs.com/cli/shrinkwrap

If you are paranoid about depending on the npm ecosystem, you should run a private npm mirror or a private cache.

If you want 100% confidence in being able to reproduce the specific bytes included in a deployment, you should use an additional mechanism that can verify contents rather than versions. For example, Amazon machine images, DigitalOcean snapshots, Heroku slugs, or simple tarballs.

Answer 1 · 2015-04-07T14:28:16.000Z

Also, I'm not sure how much of an issue this would be, but keeping node_modules in the repository might cause issues for users on other operating systems if they're using certain native extensions. Also, I think it would be helpful to teach people the basics of using npm by calling commands like install.

Answer 2 · 2015-04-19T20:03:47.000Z

Nice. 👍

Answer 3 · 2015-04-20T21:17:25.000Z

It seems like this issue is not applicable now.