Javascript RPM packaging for NodeJS 16+

Today we use npm2rpm (GitHub - theforeman/npm2rpm: Convert npm packages to RPM packages) to create our RPM packages. More recently, Fedora has updated their nodejs-packaging and that now provides a nodejs-packaging-bundler command. Today I spent some time investigating the differences and here are my notes.

npm2rpm for bundled dependencies uses npm to set up the node_modules directory. It does so by telling it where all the sources are and then having cached responses from the NodeJS CDN. These cached responses are stored in a tarball that is committed in git. In practice these cached responses are large (usually larger than the actual NPM packages).

In contrast, nodejs-packaging-bundler creates a tarball with the actual node_modules directory structure for production modules and stores that as a tarball. There is also a tarball with the development dependencies and a file with all the bundled licenses (though I got the impression those are just the license names from package.json). They also take care of warning when a package doesn't have a license.

At this point I'm tempted to replace npm2rpm with a much simpler solution. Perhaps one that only creates a bundle for Foreman and one for each plugin that needs it.

It may be needed to first make sure that every plugin can consume the primary Foreman application as a module to get rid of all the redundant dependencies in plugins. I also don't see any reason to keep foreman-js around anymore after that.

Though I am worried: the whole node_modules directory for is now 1,5 GB. While it probably compresses well, it is BIG.

I believe this was one of our concerns when we examined this in the past. This is a large artifact and every time we need to rev a dependency we will need to re-create this and re-cache, which can lead to issues.

I should note that at least from the example it looks like you can also do the style we apply now: single packages installed globally with vendored dependencies.
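
The missing-license warning mentioned in the thread, as an added example that is not part of the original posts and is not nodejs-packaging-bundler's own code: a Node.js script that walks a node_modules tree, reads the license metadata from each package.json and lists the packages that declare none. The function names, the sample tree and its package names are constructed for illustration.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Normalise the license metadata a package.json may carry: a string, the
// legacy { type } object, or the legacy `licenses` array. Returns null if none.
function licenseOf(pkg) {
  const raw = pkg.license !== undefined ? pkg.license : pkg.licenses;
  const names = (Array.isArray(raw) ? raw : [raw])
    .map((l) => (l && typeof l === 'object' ? l.type : l))
    .filter((l) => typeof l === 'string' && l.trim() !== '');
  return names.length ? names.join(', ') : null;
}

// Walk node_modules, including @scope directories and nested node_modules.
function auditTree(nodeModules, report = { licensed: [], missing: [] }) {
  if (!fs.existsSync(nodeModules)) return report;
  for (const entry of fs.readdirSync(nodeModules).sort()) {
    const dir = path.join(nodeModules, entry);
    // Skip .bin, .package-lock.json and stray files.
    if (entry.startsWith('.') || !fs.statSync(dir).isDirectory()) continue;
    if (entry.startsWith('@')) { auditTree(dir, report); continue; }
    let pkg = {};
    try {
      pkg = JSON.parse(fs.readFileSync(path.join(dir, 'package.json'), 'utf8')) || {};
    } catch (err) { /* no readable manifest: reported as missing below */ }
    const id = `${pkg.name || entry}@${pkg.version || 'unknown'}`;
    const license = licenseOf(pkg);
    if (license) report.licensed.push(`${id}: ${license}`);
    else report.missing.push(id);
    auditTree(path.join(dir, 'node_modules'), report);
  }
  return report;
}

// Constructed sample tree (not real packages) so the example runs offline.
function buildSampleTree() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'nm-audit-'));
  const put = (rel, manifest) => {
    const dir = path.join(root, 'node_modules', rel);
    fs.mkdirSync(dir, { recursive: true });
    fs.writeFileSync(path.join(dir, 'package.json'), JSON.stringify(manifest));
  };
  put('alpha', { name: 'alpha', version: '1.0.0', license: 'MIT' });
  put('@scope/beta', { name: '@scope/beta', version: '2.1.0', licenses: [{ type: 'ISC' }] });
  put('alpha/node_modules/gamma', { name: 'gamma', version: '0.3.0' });
  return path.join(root, 'node_modules');
}

for (const id of auditTree(buildSampleTree()).missing) console.warn(`WARNING: no license declared: ${id}`);
```

A check like this only reports what package.json declares; it does not inspect the LICENSE files shipped in the bundle.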