Hey, Probably a somewhat n00b question, but on sites of your size that build and release as often as yours do - how do you manage your npm and bower packages? Currently we .gitignore our node_modules and bower_components directories, but I feel we should break that SPOF we have with npm and bower's servers, in the event they're unavailable when our CI is running a build/release.
I had considered checking the packages into git, but;
- I'm sure this is frequently advised against [citation needed].
- Some packages such as karma-runner/karma-phantomjs-launcher perform a tailored installation for the OS
npm install
was run from (egphantomjs
for Windows if installed when on Windows) - so if developer A on Windows runsnpm install
and checks it into git, CI Server B on Linux will be failing builds.
Is this SPOF something you're even concerned about? And if so, how do you manage it please?
Thanks a lot guys appreciate it.
Jamie.
Hello, the way we deal with it here is to have our own registry.
This is the only meaningful solution I can think of.
Cheers...