Do you need to review the node_modules folder in Git?

Asked

Viewed 67 times

-1

I’m creating an Angular project. When I went to add the project to Git to commit, the terminal reported that the .gitignore is ignoring the folder node_modules.

I realized that the folder has many files, but it’s important and necessary to add it to Git so that the project runs the same way on another machine or whoever clones the repository will perform this when downloading the project on your machine?

  • 3

    should not, nor is it necessary, what you should add in git is the package-lock.json, because when it comes to executing npm install it will download the exact versions of the packages.

1 answer

0

This is a very common question for people who are starting in the development area and will mess with some Javascript framework.

Just to give a historical context: Before the release of Node, it was usually necessary to manually download dependencies and place them in the project. Each plug-in, font and library needed to be downloaded and added to some folder and versioned along with the project, otherwise it would not work. If you had to use a newer version of a dependency, this was done by deleting the files and then downloading the newer version and putting it in place (Imagine the chaos sometimes haha). Later, there were some solutions to make this job easier, as the Bower. But what really revolutionized the Javascript community was the release of Nodejs together with its package manager, NPM.

With Node and npm, it became much easier to create and share javascript code, and with that came many libs to do everything imaginable. And in addition the frontend tools have advanced much later, getting more and more dependencies. But, unlike the boring job I mentioned before manually managing, npm gets through the package.json save all the dependencies your project needs, and each dependency can download its own dependencies and so on. In addition, it is now possible to update or remove dependencies in a much easier way with a simple command.

Then a file called package-lock.json. This file is automatically generated the first time you install the dependencies. As I commented, npm takes care of installing the dependencies listed on package.json and install dependency dependencies, generating a kind of tree dependencies. So, before lock exists, sometimes some dependency could have version conflict because it is a dependency of your project on an X version and at the same time it is a dependency on another dependency on the Y version, making the project not work. So the package-lock.json serves to save exactly the dependency tree and prevent this kind of conflict from happening.

Now that I’ve explained the role of npm and his package.json and of package-lock.json, I think you can see that the dependency files themselves don’t need to be versioned, because npm will take care of that for you. If you look closely at the contents of the node_modules folder, you will see that it is gigantic and can easily reach up to 1gb or more in size. It would be quite unproductive to save all these files unnecessarily, since npm takes care exactly that we can download all of them, in the correct version with just one command.

So when we’re going to see a project in git, whether it’s Frontend or Node, we just need to save our project’s files and our package.json and of package-lock.json. In the case of a public repository or shared with others, it is good practice to create a file called readme.md with a section that teaches how to install dependencies and run the project.

So don’t worry, when someone downloads your project, it will run the npm install and the project will work perfectly.

  • Very good, Fábio, Thanks! I was with this doubt, but the explanation helped a lot.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.