7

I've noticed that in trying to get seemingly simple node packages to install with npm (e.g. nerve, a "micro-framework") I often run into some form of dependency pain. After some digging, I tracked down the problem with nerve to the bcrypt module, which is apparently written in C/C++ and has to be compiled after the package manager downloads it.

Unfortunately, it seems like if you want this to work on Windows, the answer is (from one of the bcrypt issues threads) "install a Linux VM". So earlier today I did just that, and started running into other dependencies (you need certain unnamed apt packages installed before you can even think about building, despite GCC being installed), then eventually after seeing yet another C compiler error (about some package or other not being able to find "Arrays.c" I think), I actually gave up, and switched from nerve to express instead. Ironically, the larger and more complicated express installs with npm on Linux and Windows without a single issue.

So, my question is: is there any filter / dependency tracking available that lets you see if a package has additional dependencies besides node core? Because to me the allure of node is "everything in Javascript", and this kind of stuff dispels the illusion quite unpleasantly. In fact, despite having done more than my time working with C/C++, whenever I see a requirement to "make" something these days I generally run in the other direction screaming. :)

Community
  • 1
  • 1
Dave
  • 556
  • 1
  • 6
  • 17
  • 1
    I feel your pain Dave, but some times we're forced down to c/c++ by optimization and resource demands. After working on a few native node modules and trying not to repeat anything and use reasonable dependencies, I've run into a number of issues. Perhaps the most rational node modules are those that call or execute native code as opposed to compile and link with it. – Mark Essel Jun 13 '12 at 20:35

3 Answers3

15

The first solution doesn't tell you if a dependency makes the package impure or not. Much better to search for gyp generated output:

find node_modules/ | grep binding.gyp || echo pure
Bence Frenyó
  • 301
  • 3
  • 5
  • Yes it does provide an answer, and in this case it is even correct unlike the first answer. You cannot tell from a "make build" what that does. It might build something which is not pure script, but it might not. And that answer also doesn't check any dependency either. The only correct answer is to search for the any evidence of the node-gyp, which is to build anything that is impure. – Bence Frenyó Jul 29 '16 at 08:53
  • 1
    `find node_modules -name binding.gyp` would be a more natural way to use find. – rvighne Sep 14 '20 at 06:22
  • On Windows: dir /s node_modules\binding.gyp – sw1337 Jan 29 '23 at 15:38
3

Node is not "everything javascript" , since one way to extend node core is to write c/c++ plugins.

So Node is more a javascript wrapper around c/c++ modules using V8.

How could you write efficient database drivers in pure javascript for instance ? it would be possible but slow.

as for the filters , it is up to the author to document his package. there is no automatic filter.

mpm
  • 20,148
  • 7
  • 50
  • 55
  • As i said , it is possible ( writing pure js database drivers ) , but did you actually test the package ? i did . – mpm May 10 '12 at 17:03
  • 3
    I've just found this benchmark page comparing pure JS implementations with the libmysql one: https://github.com/Sannis/node-mysql-bindings-benchmarks/wiki It looks like https://github.com/sidorares/nodejs-mysql-native is just as fast as the one that links to the mysql lib. It doesn't surprise me at all - surely the bottlenecks for this stuff will be network and database CPU / I/O, not the client itself? – Dave May 10 '12 at 18:00
  • This doesn't answer the question and would be better posted as a comment. Bence's answer gives one way to look for C/C++ dependencies. – ZachB Sep 20 '18 at 18:57
3

Look out for the "scripts" field in the package.json.

If it contains something like

 "scripts": {
    "install": "make build",
 }

and a Makefile in the root directory, there's a good possibility that the package has some native module which would have to be compiled and built. Many packages include a Makefile only to compile tests.

This check on the package documents does not exclude the possibility that some dependency will have to be compiled and built. That would mean repeating this process for each dependency in the package.json, their dependencies and so on.

That said many modules have been updated to install, without build on Windows, express for one. However that cannot be assured of all packages.

Using a Linux VM seems to be the best alternative. Developing Node.js applications on Window gives you step by step instructions on installing a VM, Node.js and Express.

almypal
  • 6,612
  • 4
  • 25
  • 25
  • This isn't reliable... npm/yarn will automatically build native code if there is a `binding.gyp` file present, which is how every native module that I'm aware of is handled. This also doesn't tell you if `make` is being used for C/C++ or for JS (which some packages do). – ZachB Sep 20 '18 at 18:55