I am trying to use yarn to add koa to my project folder but the command does not seem to work for me.
When I run the command it gives me the following warnings:
warning package.json: No license field
warning package-lock.json found. Your project contains lock files generated by tools other than Yarn. It is advised not to mix package managers in order to avoid resolution inconsistencies caused by unsynchronized lock files. To clear this warning, remove package-lock.json.
warning No license field
It tells me to remove the package-lock.json file but I don't have one in my folder as I just created the folder through the mkdir command.
How can you tell laravel mix / npm to exclude searching a specific directory (and it's subdirectories) when you run "npm run prod"? I'm assuming its searching for directories with package.json or bower.json (I ran an strace and found it recursing the offending directory searching for these files)
I have a symlink in my public directory that contains thousands of subdirectories and files. This causes 'npm run prod' to take 20 minutes to finish running (searching through the thousands of subdirectories).
Is there a way to explicitly skip this directory from being recursed?
node_modules folder is quite large in term of size. I wonder if we can delete it after Laravel Mix compile everything? Sure, I tried it before (install jquery) and then delete node_modules folder after Laravel Mix compiled everything. My jquery code still running and there's no error at all. So is it okay?
yes, you can remove it after run:
npm run production
after run this command all necessary codes will save in app.js
and when need node_modules you can download them again with :
npm install
You should never commit your node_modules folder to git. That would take forever. Just commit package.json and package-lock.json.
However, you wouldn't want to have to re-install them everytime you build your code. I checked a large project and the total size is 310 M. What situation do you have where you can't keep that in place?
To directly answer your question, Laravel will never run code from the node_modules folder, all of the code used from there is compiled into app.js, so it is safe to delete if you had to.
I have been using npm for a personal project and just recently stumbled across yarn. Would there be any harm or "intended side effects" to switching to yarn's package manager in the same project where I had been using npm?
Although a few commenters here say its ok to mix both yarn and npm on the same project, after using yarn and npm and then yarn again, this is what yarn has to say about it:
warning package-lock.json found. Your project contains lock files generated by tools
other than Yarn. It is advised not to mix package managers in order to avoid resolution
inconsistencies caused by unsynchronized lock files. To clear this warning, remove
package-lock.json.
Since to me it is not any harm to using both them into one project.
I use npm and yarn (50/50) in dev environment.
But on ci/di i use only yarn because it is faster, and i reduce build minutes thanks yarn.
Also they both create different .lock file names.
Nobody told about the lock files.
Imagine you use yarn on dev environment, and yarn on your build/production servers. When you install a package using yarn, and your project works on your computer, you probably would want to keep it working on a production environment (your server).
That being sad, you would commit you yarn.lock file, that "saves" the exact versions of each package you have, when the project ran on your computer.
On your buid/production server you should call yarn install, but asking to keep all the same versions with --frozen-lockfile parameter. Some even say "yarn install --frozen-lockfile should be the default behavior", and I agree.
Then... another dev jump in the project you are working and install a package using npm (other than yarn). That new package will not be included in your yarn.lock file, but, a new package-json.lock file would be created, telling the exact packages versions it is using.
When that commit arrives on your build/production server, it will crash, fail, because that new package doesn't exist on yarn.lock file. Someone would need to pull that changes, call a yarn to install the dependences and update the lock file with the new package dependences, and push it again to the repo.
A quick point about using the lock file or not. If you call a 'yarn install' on your build/production server some weeks after the last install on your machine, the server would have many other new versions than your last "stable" version. It already happened to me many times.
I published recently the package-locks-checks, which help ensure you have not just one lock file but also locked each package version on your project.
There will be a point that one or both will no longer work and your project will be stuck at only using the existing lock file. Meaning, the issue probably will involve installation fails if you opt to reinstall without a lock file. And that also means failure to create a new lock file, so you are stuck with the existing one that you are trying to get rid off in the first place. We are actually encountering this issue in one of our projects. Because it is so big, no one tries to fix the issue and just rely on the existing lock file.
So, even if we say it's a rare case that it won't cause harm. Mixing npm and yarn should be avoided.
Here https://classic.yarnpkg.com/en/docs/migrating-from-npm/ we may find a confirmation that Yarn's resolution algorithm is compatible with NPM resolution algorithm.
Inside a npm project (with package.json) if you run yarn it will read your node_modules folder (using the resolution algorithm) and create a yarn.lock file with your project's locked dependency tree.
Based on that I assume that they are compatible inside the same project.
Update 30/04/2021
My original reply refers to yarn 1 (classic), although I've just created a React app with create-react-app tool and it creates the project's repository with package.json + yarn.lock by default. Again, another demonstration that it's fine (even with the warning mentioned by Dave Pile).
At the end of the day this is a matter of putting both together to work and checking yourself...
Plus you get a warning from yarn as Dave Pile said because we have to push *-lock.json files changes you have to consider using npm version >= 7 to make sure whenever you install packages by npm it will update your yarn-lock.json file too.
Because whenever you install the packages either by npm or yarn depends on what you have chosen for updating a dependency in the package.json (Using tilde ( ~ ) which gives you bug fix releases and caret ( ^ ) gives you backward-compatible new functionality) it will update you.lock file and since you have to push it might happen that you have different version of lock files.
What is the right way of removing the entire node_modules directory. Do i have to delete it right away
Ultimately you will need the modules for the application to work (if they are not development dependencies)...
If you want to erase modules you installed for development and not required in production then you can use npm prune.
Also, if you're using git you can add /node_modules to the .gitignore file, so you aren't saving libraries to your repo, and then later you can install dependencies by running npm install.
i lost count on how many times i deleted node_modules just by pressing delete button. Had no problem so far, as long as you don't forget to
npm install
everytime you delete node_modules to install dependency that is required by your app.
Best way which i found,in root of app from cmd rmdir /S node_modules and thats it.
you can use rm -rf /node_modules to remove this from project