diff options
| author | Timothy J Fontaine <tjfontaine@gmail.com> | 2014-09-24 14:41:07 -0700 |
|---|---|---|
| committer | Timothy J Fontaine <tjfontaine@gmail.com> | 2014-09-24 17:15:10 -0700 |
| commit | 9fad8958df671c0e894506ef59b4c781c3dfb349 (patch) | |
| tree | 4db7643b40c4ffd726fb27fb4aa276d420b3bfd8 /deps/npm/html/doc/misc/npm-faq.html | |
| parent | b26dd4e5ab9192bad72b9dc61fa4ad2d8f215da2 (diff) | |
| download | node-new-9fad8958df671c0e894506ef59b4c781c3dfb349.tar.gz | |
deps: upgrade npm to 2.0.0
Diffstat (limited to 'deps/npm/html/doc/misc/npm-faq.html')
| -rw-r--r-- | deps/npm/html/doc/misc/npm-faq.html | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/deps/npm/html/doc/misc/npm-faq.html b/deps/npm/html/doc/misc/npm-faq.html index cdde512eee..85536d6f12 100644 --- a/deps/npm/html/doc/misc/npm-faq.html +++ b/deps/npm/html/doc/misc/npm-faq.html @@ -59,17 +59,16 @@ program that uses it.</p> in a shell script if you really wanted to.</p> <p>npm will not help you do something that is known to be a bad idea.</p> <h2 id="should-i-check-my-node_modules-folder-into-git-">Should I check my <code>node_modules</code> folder into git?</h2> -<p>Mikeal Rogers answered this question very well:</p> -<p><a href="http://www.futurealoof.com/posts/nodemodules-in-git.html">http://www.futurealoof.com/posts/nodemodules-in-git.html</a></p> -<p>tl;dr</p> -<ul> -<li>Check <code>node_modules</code> into git for things you <strong>deploy</strong>, such as -websites and apps.</li> -<li>Do not check <code>node_modules</code> into git for libraries and modules -intended to be reused.</li> -<li>Use npm to manage dependencies in your dev environment, but not in -your deployment scripts.</li> -</ul> +<p>Usually, no. Allow npm to resolve dependencies for your packages.</p> +<p>For packages you <strong>deploy</strong>, such as websites and apps, +you should use npm shrinkwrap to lock down your full dependency tree:</p> +<p><a href="https://www.npmjs.org/doc/cli/npm-shrinkwrap.html">https://www.npmjs.org/doc/cli/npm-shrinkwrap.html</a></p> +<p>If you are paranoid about depending on the npm ecosystem, +you should run a private npm mirror or a private cache.</p> +<p>If you want 100% confidence in being able to reproduce the specific bytes +included in a deployment, you should use an additional mechanism that can +verify contents rather than versions. For example, +Amazon machine images, DigitalOcean snapshots, Heroku slugs, or simple tarballs.</p> <h2 id="is-it-npm-or-npm-or-npm-">Is it 'npm' or 'NPM' or 'Npm'?</h2> <p>npm should never be capitalized unless it is being displayed in a location that is customarily all-caps (such as the title of man pages.)</p> @@ -237,7 +236,7 @@ that has a package.json in its root, or a git url. <p>To check if the registry is down, open up <a href="https://registry.npmjs.org/">https://registry.npmjs.org/</a> in a web browser. This will also tell you if you are just unable to access the internet for some reason.</p> -<p>If the registry IS down, let us know by emailing <a href="mailto:support@npmjs.com">support@npmjs.com</a> +<p>If the registry IS down, let us know by emailing <a href="mailto:support@npmjs.com">support@npmjs.com</a> or posting an issue at <a href="https://github.com/npm/npm/issues">https://github.com/npm/npm/issues</a>. If it's down for the world (and not just on your local network) then we're probably already being pinged about it.</p> @@ -285,5 +284,5 @@ good folks at <a href="http://www.npmjs.com">npm, Inc.</a></p> <tr><td style="width:60px;height:10px;background:rgb(237,127,127)" colspan=6> </td><td colspan=10 style="width:10px;height:10px;background:rgb(237,127,127)"> </td></tr> <tr><td colspan=5 style="width:50px;height:10px;background:#fff"> </td><td style="width:40px;height:10px;background:rgb(237,127,127)" colspan=4> </td><td style="width:90px;height:10px;background:#fff" colspan=9> </td></tr> </table> -<p id="footer">npm-faq — npm@1.4.28</p> +<p id="footer">npm-faq — npm@2.0.0</p> |