0

Often while using npm I've come across errors that appear to mean nothing - Visual Studio projects failing to build, build tools (eg: python.exe / CL.exe) not being available on the command line etc.

Some examples of packages I've seen fail to build many times:

  • kerberos
  • node-gyp
  • bcrypt

These throw big error messages with stack traces etc to the console during npm install, clearly having failed completely; however, NPM carries along happy as Larry and 9 times out of 10 my Javascript application and all its dependencies work fine.

  1. Does npm install re-build every single dependency recursively, using whatever compilers are available on the local machine?

  2. If so, and considering the huge number of dependencies even simple packages can have, how am I able to do ANYTHING without a full suite of programming languages and compilers installed?

  3. Why is it that these dependencies failing doesn't necessarily mean my final project will be unusable?

  4. If a dependency failing to build is "ok", why bother having the dependency at all?

I haven't been able to find clear answers on any of this, due to the overwhelming number of resources found when searching for terms like "npm build fail".

Alex McMillan
  • 17,096
  • 12
  • 55
  • 88
  • npm doesn't dictate what is in a module; personally I do my best to avoid modules that bring in heavy dependency requirements or do not offer the relevant bundling - but this isn't related to npm itself. – user2864740 Nov 23 '15 at 05:18
  • Yeah... but some common things have massive dependency trees; for example, creating an empty project and installing webpack creates a tree of 149 packages! Sure, that's a lot... but I like webpack. – Alex McMillan Nov 23 '15 at 05:24

1 Answers1

3

npm will succeed if those dependencies are actually marked as optional. The ws module is an example of this where they have optional dependencies on two compilable addons. If they fail to build, then ws just uses pure js fallback implementations.

The reason that addons are sometimes added as optional dependencies is that the they (more often than not) perform faster than the pure js alternatives, even for something as "simple" as UTF-8 validation or XOR'ing the contents of a Buffer.

mscdex
  • 104,356
  • 15
  • 192
  • 153
  • My answer either directly or indirectly answers all 4 of your questions. To expand on the answer for your first question, `npm install` does re-build your dependencies. – mscdex Nov 23 '15 at 21:10
  • I note that you have added more information to your answer since my last comment; however, many failing packages (eg [kerberos](https://www.npmjs.com/package/kerberos) and [node-gyp](https://www.npmjs.com/package/node-gyp)) are not simply "faster alternatives" for things like UTF8 validation. Thank you for your answer, but "because they're optional" just isn't the answer I'm looking for. – Alex McMillan Nov 23 '15 at 21:40
  • Obviously the "why they are optional" or "why the addon fails to build" are entirely dependent on the actual parent package or the build failure messages. Also, `node-gyp` doesn't currently depend on any addons (for obvious reasons), so installing that should not try to invoke any compiler. – mscdex Nov 23 '15 at 22:31
  • I was just mentioning it as an example of a package that fails to build (very frequently in my experience). Right now it is failing with `cannot find module 'nan'` which implies the latest build of `node-gyp` does not include its dependencies, but googling for that message shows its too ambiguous to find an answer. I just want my projects to build cleanly - is that too much to ask? – Alex McMillan Nov 23 '15 at 22:56