Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Code Reviews Meta
Q&A
Posts Tags Edits
Ask Question

Welcome to Software Development on Codidact!

Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.

Comments on Is it necessary for a build server to remove node_modules before an AOT build?

Parent

Is it necessary for a build server to remove node_modules before an AOT build?

+1
−0

I am currently dealing with an Angular application that is being deployed using an CI orchestrator and Jenkins.

Jenkins job is configured to do the following (relevant steps only):

  • fetch sources from Git
  • remove node_modules
  • npm install
  • perform AOT build (--prod + other optimizations)
  • deploy

I have noticed that node_modules removal + npm install + AOT build takes way more time than simply calling npm install + perform AOT build, so I am wondering why the removal.

I have asked a few colleagues about this configuration and no one seems to know why the removal is required.

From what I know, removing node_modules is very rarely required (maybe some major update messes up some packages or similar) and I haven't removed any node_modules for any project in years (development environment).

So, is it necessary for a build server to remove node_modules before an AOT build?

angular build node-modules
posted over 3 years ago
user card
Alexei‭
4928 reputation 111 101 679 474
History
Why does this post require moderator attention?
You might want to add some details to your flag.
Why should this post be closed?

0 comment threads

Post
+4
−0

I suspect this is an outdated practice:

Prior to npm 3, npm did not keep track of resolved dependencies, and npm install would try to reconcile the existing with the declared dependencies. Since node_modules is not commonly under version control, this meant that the build would depend on hidden state, and therefore be non-reproducible. Back then, the easiest and most reliable way to ensure reproducible builds was deleting node_modules.

Since npm 3, npm keeps track of resolved dependencies in package-lock.json, thereby guaranteeing that the same dependency versions are used irrespective of the prior state of node_modules (this should even work if the registry is updated retroactively, which sometimes happens to fix high priority security issues).

Nowadays, the only benefit of deleting node_modules would be to guard against software other than npm tampering with its contents - but nobody should do that (and if somebody has hacked your build server, you probably have bigger problems ...)

posted over 3 years ago
3y ago
user card
meriton‭
2375 reputation 7 56 220 35
History
Why does this post require moderator attention?
You might want to add some details to your flag.

1 comment thread

General comments (2 comments)
General comments
Alexei‭ wrote over 3 years ago
copy link

I also suspect this reason. Unfortunately, where I work it sometimes happens that folks to just copy-paste old projects configuration (in this case Jenkins job configuration) without wondering why a step is there. Thanks.

Alexei‭ wrote almost 3 years ago
copy link

Recently, a major Node.js upgrade (12 -> 14) on a target server required the removal of the node_modules. Other than that, no need to remove it.