0

So we've been using npm and package.json to build front-end apps for a long time.

It's fairly common to see this:

  • dependencies
    • lodash
    • react
  • devDependencies
    • webpack
    • eslint

But if you build your project on the production environment, it won't install the dev dependencies.

Webpack is not really a "devDependencies" it is a "buildDependencies" it isn't really used by the project, but you need it to be able to build the project.

But eslint is a devDependency, you don't really need apart from "developing".

so a more correct way to do this would be:

  • bundledDependencies
    • react
    • lodash
  • dependencies
    • webpack
  • devDependencies
    • eslint

but after reading the documentation bundledDependencies are not really meant for this.

Should I actually shrinkwrap my project, so I can be sure that when the CI builds the project is is actually downloading the same thing I tested in my local machine?

So my question is what is the correct way of setting up a package.json for a project that is not really a module?

Vitim.us
  • 20,746
  • 15
  • 92
  • 109
  • in your case (not a module) what is the hazard of putting everything in `dependencies` ? – azium Jun 06 '19 at 20:46
  • it just makes managing dependencies a bit harder – Vitim.us Jun 07 '19 at 01:07
  • in what way does this impact their management? For a module that someone else is using in their project, in yours I don't see how it makes any difference. It seems like splitting them into different categories is what is making it harder to manage – azium Jun 09 '19 at 11:37
  • @azium yes the only benefit seems to be separating, dependencies of the build pipeline, and dependencies used by the project itself. – Vitim.us Jun 11 '19 at 16:54

0 Answers0