John Karahalis
unread,Jan 23, 2015, 4:14:07 PM1/23/15You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Chris Van Wiemeersch, dev-webdev, Michael Cooper, dev-mdn, Matthew Claypotch
One concern within our team is reliance on third-party resources. By
version-controlling node_modules, for example, we could be confident that
our dependencies will be available whether or not the NPM registry is
available. How do other teams handle that concern?
For whatever it's worth, I feel that we need something between the extremes
of version-controlling dependencies and pulling them down at deploy time.
The former overloads the concept of version-control, making pull requests
less readable, making it possible for sources to be out-of-sync, etc. The
latter introduces a reliance on third-party services. Registry proxies like
bower-cache <
https://pypi.python.org/pypi/bower-cache/0.1.4> have come up
as possible solutions to the latter, but they have their own flaws. I would
prefer a creative solution that learns from the best of both approaches.
But maybe that's a discussion for another day...
On Fri, Jan 23, 2015 at 3:40 PM, Chris Van Wiemeersch <
cwiem...@mozilla.com> wrote:
> +1 to keeping compiled/minified/concatenated files outside of the repos.
> from where I stand, that stuff ought to always be gitignored.
>
> the only exception would be if you're publishing a library (e.g., lunr.js
> provides `lunr.js` and `lunr.min.js` checked in to the repo):
>
>
https://github.com/olivernn/lunr.js
>
> and then I've seen other libraries hosting minified downloads on S3:
>
>
https://github.com/jakearchibald/es6-promise#downloads