I am a beginner of node.js and express. I find that I can use "package.json" and npm install to solve the dependency of node.js modules. The command will install locally the
required modules, which seem like static libraries in C++ to me.
I have two questions:
When should I use global installation of the modules with npm install -g and when to use local installation (especially for express applications)?
I use git for version control. Should I add the locally installed third-party node.js modules to the repository? The modules seem big in size and certainly not my code. I am confused of the version control of those modules.
Any help or hint is welcomed, and thanks in advance!
1: Install modules you use from the command line globally like expresss, the others locally. If you dont know install them in both places
More info: http://blog.nodejs.org/2011/03/23/npm-1-0-global-vs-local-installation/
2: Dont upload the dependencies to git, you can specify a concrete version number in your package.json file so you dont need them there. Add node-modules to .gitignore
In general, always specify your dependencies in package.json, and run npm install. The advantages of doing so is that you have an explicit list of the project's dependencies and you don't have to check in the modules in git.
There are some modules which require being installed globally, but if in those cases it should be specified in the docs and you can often consider those modules not part of the project. For example if you're using Grunt, grunt-cli has to be installed globally since it adds command line commands, but it's not actually used by your code.
As @pfried said above, if you're working on a module it's considered best practice to not check in dependencies. However if you're working on a full website/application that is not supposed to be distributed to others it might be advantageous to check in even the dependencies.
The reason for this is that even if you have specified "express": "3.0.1", one of express' dependencies might be specified as "0.x.x". So when you install the application later on the production server you might get another version and hard-to-detect bugs. By checking in the dependencies you're completely certain that you won't run into any difference in any code between local, stage and production servers.