本文翻譯自:Should I check in node_modules to git when creating a node.js app on Heroku?
I followed the basic getting started instructions for node.js on Heroku here:
我在Heroku上遵循了node.js的基本入門說明:https://devcenter.heroku.com/categories/nodejs
https://devcenter.heroku.com/categories/nodejsThese instruction don't tell you to create a .gitignore node_modules, and therefore imply that node_modules should be checked in to git.
這些指令不會告訴您建立.gitignore node_modules,是以暗示應該将node_modules簽入git。When I include node_modules in git my getting started application ran correctly.
當我在git中包含node_modules時,我的入門應用程式正确運作。When I followed the more advanced example at:
當我按照更進階的例子:https://devcenter.heroku.com/articles/realtime-polyglot-app-node-ruby-mongodb-socketio https://github.com/mongolab/tractorpush-server (source)
https://devcenter.heroku.com/articles/realtime-polyglot-app-node-ruby-mongodb-socketio https://github.com/mongolab/tractorpush-server(source )It instructed me to add node_modules to .gitignore.
它訓示我将node_modules添加到.gitignore。So I removed node_modules from git, added it to .gitignore, then re-deployed.
是以我從git中删除了node_modules,将其添加到.gitignore,然後重新部署。This time the deployed failed like so:
這次部署失敗如下:-----> Heroku receiving push
-----> Node.js app detected
-----> Resolving engine versions
Using Node.js version: 0.8.2
Using npm version: 1.0.106
-----> Fetching Node.js binaries
-----> Vendoring node into slug
-----> Installing dependencies with npm
Error: npm doesn't work with node v0.8.2
Required: [email protected] || 0.5 || 0.6
at /tmp/node-npm-5iGk/bin/npm-cli.js:57:23
at Object.<anonymous> (/tmp/node-npm-5iGk/bin/npm-cli.js:77:3)
at Module._compile (module.js:449:26)
at Object.Module._extensions..js (module.js:467:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:362:17)
at require (module.js:378:17)
at Object.<anonymous> (/tmp/node-npm-5iGk/cli.js:2:1)
at Module._compile (module.js:449:26)
Error: npm doesn't work with node v0.8.2
Required: [email protected] || 0.5 || 0.6
at /tmp/node-npm-5iGk/bin/npm-cli.js:57:23
at Object.<anonymous> (/tmp/node-npm-5iGk/bin/npm-cli.js:77:3)
at Module._compile (module.js:449:26)
at Object.Module._extensions..js (module.js:467:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:362:17)
at require (module.js:378:17)
at Object.<anonymous> (/tmp/node-npm-5iGk/cli.js:2:1)
at Module._compile (module.js:449:26)
Dependencies installed
-----> Discovering process types
Procfile declares types -> mongod, redis, web
-----> Compiled slug size is 5.0MB
-----> Launching... done, v9
Running "heroku ps" confirms the crash.
運作“heroku ps”确認崩潰。Ok, no problem, so I rolled back the change, add node_module back to the git repository and removed it from .gitignore.
好的,沒問題,是以我復原了更改,将node_module添加回git存儲庫并從.gitignore中删除它。However, even after reverting, I still get the same error message on deploy but now the application is running correctly again.
但是,即使在還原後,我仍然在部署時收到相同的錯誤消息,但現在應用程式再次正常運作。Running "heroku ps" tells me the application is running.
運作“heroku ps”告訴我應用程式正在運作。So my question is what's the right way to do this?
是以我的問題是這樣做的正确方法是什麼?Include node_modules or not?
是否包含node_modules?And why would I still be getting the error message when I rollback?
為什麼我復原時仍然會收到錯誤消息?My guess is the git repository is in a bad state on the Heroku side?
我的猜測是Heroku方面的git存儲庫處于不良狀态?#1樓
參考:https://stackoom.com/question/m58F/在Heroku上建立node-js應用程式時-我應該将node-modules檢入git嗎
#2樓
Instead of checking in node_modules, make a package.json file for your app.
而不是檢入node_modules,為您的應用程式建立一個package.json檔案。The package.json file specifies the dependencies of your application.
package.json檔案指定應用程式的依賴項。Heroku can then tell npm to install all of those dependencies.
然後Heroku可以告訴npm安裝所有這些依賴項。The tutorial you linked to contains a section on package.json files.
您連結的教程包含有關package.json檔案的部分。#3樓
You should not include
node_modules
in your
.gitignore
(or rather you should include
node_modules
in your source deployed to Heroku).
您不應該在.gitignore
包含 node_modules
(或者您應該在部署到Heroku 的源中包含 node_modules
)。 If
node_modules
:
如果node_modules
: - exists then
will use those vendored libs and will rebuild any binary dependencies withnpm install
. 存在 ,那麼npm rebuild
将使用這些vendored庫和将重建與任何二進制依賴npm install
。npm rebuild
- doesn't exist then
will have to fetch all dependencies itself which adds time to the slug compile step. 不存在 ,則npm install
必須取這增加的時間段塞編譯步驟都依賴本身。npm install
See the Node.js buildpack source for these exact steps
有關這些确切的步驟,請參閱Node.js buildpack源代碼However, the original error looks to be an incompatibility between the versions of
npm
and
node
.
但是,原始錯誤看起來是npm
和 node
的版本之間的不相容性。 It is a good idea to always explicitly set the
engines
section of your
packages.json
according to this guide to avoid these types of situations:
根據本指南總是顯式設定packages.json
的 engines
部分是一個好主意,以避免這些類型的情況: {
"name": "myapp",
"version": "0.0.1",
"engines": {
"node": "0.8.x",
"npm": "1.1.x"
}
}
This will ensure dev/prod parity and reduce the likelihood of such situations in the future.
這将確定dev / prod奇偶校驗并減少将來出現此類情況的可能性。#4樓
What worked for me was explicitly adding a npm version to package.json ("npm": "1.1.x") and NOT checking in node_modules to git.
對我有用的是明确地将一個npm版本添加到package.json(“npm”:“1.1.x”)而不是将node_modules檢入git。It may be slower to deploy (since it downloads the packages each time), but I couldn't get the packages to compile when they were checked in. Heroku was looking for files that only existed on my local box.
它的部署速度可能較慢(因為它每次都會下載下傳軟體包),但是在簽入時我無法編譯軟體包.Heroku正在查找僅存在于本地檔案夾中的檔案。#5樓
My biggest concern with not checking
node_modules
into git is that 10 years down the road, when your production application is still in use, npm may not be around.
我最大的擔心是沒有将node_modules
檢查成git是 node_modules
10年,當你的生産應用程式仍在使用時,npm可能不在。 Or npm might become corrupted;
或者npm可能會被破壞;or the maintainers might decide to remove the library that you rely on from their repository;
或者維護者可能決定從他們的存儲庫中删除您依賴的庫;or the version you use might be trimmed out.
或者您使用的版本可能會被删除。This can be mitigated with repo managers like maven, because you can always use your own local Nexus or Artifactory to maintain a mirror with the packages that you use.
這可以通過像maven這樣的repo管理器來緩解,因為您可以随時使用自己的本地Nexus或Artifactory來維護鏡像,使用您使用的軟體包。As far as I understand, such a system doesn't exist for npm.
據我所知,npm不存在這樣的系統。The same goes for client-side library managers like Bower and Jamjs.
對于像Bower和Jamjs這樣的用戶端庫管理器也是如此。If you've committed the files to your own git repo, then you can update them when you like, and you have the comfort of repeatable builds and the knowledge that your app won't break because of some third-party action.
如果您已将檔案送出到您自己的git倉庫,那麼您可以在需要時更新它們,并且您可以獲得可重複建構的舒适性以及您的應用程式因某些第三方操作而不會中斷的知識。#6樓
Second Update 第二次更新
The FAQ is not available anymore.
常見問題解答不再可用。From the documentation of
shrinkwrap
:
從shrinkwrap
的文檔: If you wish to lock down the specific bytes included in a package, for example to have 100% confidence in being able to reproduce a deployment or build, then you ought to check your dependencies into source control, or pursue some other mechanism that can verify contents rather than versions. 如果您希望鎖定包中包含的特定位元組,例如,為了能夠100%放心地重制部署或建構,那麼您應該檢查您的依賴關系到源代碼控制,或者尋求其他一些可以驗證的機制内容而不是版本。
Shannon and Steven mentioned this before but I think, it should be part of the accepted answer.
Shannon和Steven之前曾提到這一點,但我認為,它應該是公認答案的一部分。Update 更新
The source listed for the below recommendation has been updated .
針對以下建議列出的來源已更新 。They are no longer recommending the
node_modules
folder be committed.
他們不再建議node_modules
檔案夾。 Usually, no. 通常,沒有。 Allow npm to resolve dependencies for your packages. 允許npm解析包的依賴關系。 For packages you deploy, such as websites and apps, you should use npm shrinkwrap to lock down your full dependency tree: 對于您部署的軟體包(例如網站和應用程式),您應該使用npm shrinkwrap來鎖定完整的依賴關系樹: https://docs.npmjs.com/cli/shrinkwrap https://docs.npmjs.com/cli/shrinkwrap
Original Post 原帖
For reference, npm FAQ answers your question clearly:
作為參考,npm FAQ清楚地回答了你的問題:Check node_modules into git for things you deploy, such as websites and apps. 檢查node_modules到您部署的内容,例如網站和應用程式。 Do not check node_modules into git for libraries and modules intended to be reused. 不要将node_modules檢查為git,以用于要重用的庫和子產品。 Use npm to manage dependencies in your dev environment, but not in your deployment scripts. 使用npm管理開發環境中的依賴項,但不能在部署腳本中管理依賴項。
and for some good rationale for this, read Mikeal Rogers' post on this .
對于一些很好的理由,請閱讀邁克爾羅傑斯的文章 。Source: https://docs.npmjs.com/misc/faq#should-i-check-my-node-modules-folder-into-git
資料來源: https : //docs.npmjs.com/misc/faq#should-i-check-my-node-modules-folder-into-git