JavaScript Package Manager 2019

Transcript

1. JavaScript Package Manager 2019 2019/06/27 @NodeֶԂ 34࣌ݶ໨

2. Twitter: @yosuke_furukawa Github: yosuke-furukawa

3. Berlin Tips

4. JavaScript Package Manager

5. OQN
   JOD
   ձࣾ OQN
   $-* OQN
   3FHJTUSZ ZBSO

6. npm cli inside

7. ͦ΋ͦ΋npmͷ࢓૊Έɹ 1. ϩʔΧϧґଘϑΝΠϧΛಡΉ (package.json, package- lock.json, shrinkwrap.json) 2. ଘࡏ͠ͳ͍ύοέʔδͷϝλσʔλΛfetch͢Δ 3.

   ໦ߏ଄Λܭࢉͯ͠ɺ࣮ߦ͢Δʢnpm v3 Ҏ߱ͩͱflatten͢ Δʣ 4. ࣮ࡍʹଘࡏ͠ͳ͍ύοέʔδΛμ΢ϯϩʔυ͢Δ 5. ΠϯετʔϧεΫϦϓτΛ࣮ߦ͢Δ

8. ࠓͷͲ͕͜μϝͳͷ͔ • ʮ4. ύοέʔδΛμ΢ϯϩʔυ͢Δʯ͕ߴෛՙͷॲཧ • μ΢ϯϩʔυ͢Δɺͱ͍͏ߦҝ͸ • tar ball Λ

   fetch ͯ͠ɺ • ͔ͦ͜Β gunzip ͯ͠ɺ • Ͱ͖͕͋ͬͨϑΝΠϧΛnode_modulesҎԼʹίϐʔ • ͱ͍͏ϐʔΩʔͳॲཧΛ͍ͯ͠Δɻɹ

9. ࠓͷͲ͕͜μϝͳͷ͔ • tar ball Λ Fetch => Network IO΁ͷෛՙ •

   gunzip => CPU΁ͷෛՙ • node_modules Λίϐʔ => File IO΁ͷෛՙ Կ͔͠ΒͷΫϥΠΞϯτϦιʔεʹෛՙ͕ඞ͔͔ͣΔ

10. ࠓͷͲ͕͜μϝͳͷ͔ • tar ball Λ Fetch => Network IO΁ͷෛՙ •

    gunzip => CPU΁ͷෛՙ • node_modules Λίϐʔ => File IO΁ͷෛՙ
    ಛʹ
    OPEF@NPEVMFT
    ʹ࣮ମͷϑΝΠϧ͕ඞཁʹͳΔͨΊɺϑΝΠϧͷ૯༰ྔ͕ ૿͑Δɻ
11. None

12. tink: A next generation package manager

13. OQN
    JOD
    ձࣾ OQN
    $-* OQN
    3FHJTUSZ ZBSO UJOL

14. npm install ࣌ʹղܾ͢Δͷ Ͱ͸ͳ͘ɺ࣮ߦ࣌ʹղܾ͢Ε ͹͍͍Μͩʂʂʂ

15. tink sh • `tink sh <cmd>` Ͱىಈ͢Δɻ • tink sh

    ͕ node Λwrap ͍ͯ͠Δ • ͜ΕͰىಈ͢Δͱ node_modules ΛԾ૝্ ͷϑΥϧμʹ͢Δࣄ͕Ͱ͖Δɻ $ node foo.js # Ͱىಈ͢ΔͷͰ͸ͳ͘ɺ $ tink sh foo.js # Ͱىಈ͢Δɻɹ

16. node_modulesΛԾ૝্ͷϑΥ ϧμʹ͢Δ͜ͱͷϝϦοτɹ • ࣮ࡍʹϑΝΠϧΛίϐʔ͠ͳ͍ͨΊɺ File IO΁ͷӨڹ͕ ؇࿨͞ΕΔ • ϩʔΧϧ಺ʹ hash

    Λϕʔεʹͨ͠cacheΛ࡞Γɺhash ஋͕Ұகͨ͠ΒcacheΛ࢖͏ Network IO΁ͷӨڹ΋؇ ࿨͞ΕΔ • ϥϯλΠϜͰϞδϡʔϧΛղܾ͢ΔͨΊɺ npm install ͕ཁΒͳ͘ͳΔɻ

17. $ git clone && npm install && node app.js Ͱ͸ͳ͘

18. $ git clone && tink sh app.js
    ͜͏ͳΔ

19. ͜ͷઓུΛ zero install ͱݺͿ

20. prepare && unwind • prepare ͸ࣄલʹ module Λ fetch ͢ΔίϚ

    ϯυ • unwind ͸ࣄલʹ node_modules Λ࣮ମԽ͢ ΔίϚϯυ $ tink prepare $ tink unwind

21. prepare && unwind • prepare ͸ࣄલʹ module Λ fetch ͢ΔίϚ

    ϯυ • unwind ͸ࣄલʹ node_modules Λ࣮ମԽ͢ ΔίϚϯυ $ tink prepare $ tink unwind ຊ൪ىಈ࣌ʹ͸ىಈޙͷGFUDIΛ஗͍ͱ໰୊ͳͷ Ͱɺىಈલʹࣄલॲཧ͢ΔίϚϯυ͕ఏڙ͞ΕͯΔ

22. loadmap • tink ͸ npm v8 Ͱ npm ຊମʹ౷߹͞ΕΔ༧ఆ •

    Node ͷίΞʹ΋integrate༧ఆ

23. ·ͱΊ

24. ·ͱΊ • npm, yarn ͸ࠓޙ zero install ࣌୅ʹͳ͍ͬͯ ͘ •

    ҰํͰɺͲͪΒʹ΋༗ҙ͕ࠩ͋ΔΑ͏ʹ͸ݟ ͑ͳ͔ͬͨ • ·ͩ experimental ৭Μͳͱ͜ΖͰ໰୊఺Λग़ ͢ϑΣʔζ

25. ࣍ͷ࿩ߦ͖·͢ʂʂʂ

26. JavaScript Registry ͷࠓޙ

27. JavaScript Registryͱ͸: package Λ backend Ͱ؅ཧ ͍ͯ͠ΔαʔϏε npm, githubͷ෺͕͋Δ

28. None

29. Package Managementͷܦࡁ

30. RegistryΛϏδωεతʹ੒ޭ ͤ͞Δ͜ͱ͸೉͍͠ʂʂʂʂ

31. npmͷϏδωεϞσϧ

32. npmͷϏδωεϞσϧ • public module ΛແঈͰఏڙɺίετ͸npm Ͱෛ୲ • private module ΍

    enterprise ͳΞΫηείϯτ ϩʔϧΛ͢ΔͳΒ༗ঈ൛Λܖ໿ • public module cost Λ private module ͷച্ Ͱ࿫͏Ϟσϧ

33. npm͸Ͱ͔͍ • 100ສϞδϡʔϧ΋͋Δ

34. npm is hard • اۀ͔Βͷد෇ۚͰ·͔ͳ͏ͷ͸ʁ • খ͍͞RegistryͳΒͰ͖Δ͕ɺେ͖͘ͳΔͱ NG • ࠓ͸Venture

    CapitalʹཔͬͯΔɻ • VC͔Βͷҙ޲͕มΘΕ͹ӡӦํ਑΋มΘΔ

35. ͡Ό͋Ͳ͏͢Δ͔

36. ͡Ό͋Ͳ͏͢Δ͔ • தԝूݖ؅ཧ͢ΔͷͰ͸ͳ͘ɺ෼ࢄ؅ཧͯ͠ ͍͜͏ • Ұͭʹू໿͗͢͠Δͱίετ΋ूத͢Δ͕ɺ ෼ࢄ͢Ε͹ίετ΋෼ࢄͰ͖Δ

37. Entropic: a federated package registry

38. OQN
    JOD
    ձࣾ OQN
    $-* OQN
    3FHJTUSZ OQN
    3FHJTUSZ &OUSPQJD UJOL ZBSO &OUSPQJD
    3FHJTUSZ

    &OUSPQJD
    $-*
    ET

39. Entropic • npmʹ΋ܨ͕Δ৽͍͠Registry • ͨͩ͠෼ࢄ؅ཧͰ͖ΔΑ͏ʹ֤छͷRegistryͱ ࿈ܞͰ͖ΔΑ͏ʹͳ͍ͬͯΔ • ͜ΕΒΛ·ͱΊ͋͛ΔͨΊʹdsͱݺ͹ΕΔ৽ ͍͠CLI΋͍࣋ͬͯΔ

40. package ࢦఆํ๏ • namespace, domain, package nameͷͦΕͧ ΕΛͪΌΜͱࢦఆ͢Δ • namespace@example.com/pkg-name

    • npmʹ΋legacyωʔϜεϖʔεͰ઀ଓͰ͖Δ

41. Entropicͷΰʔϧ • ʮԿ΋͠ͳ͍Ͱnpm͕౗ΕΔ͔ɺ༗ޮࡦ͕ग़Δ ·Ͱ଴ͭʯҎ֎ͷબ୒ࢶΛ༻ҙ͍ͨ͠ • ʮRegistryͷӡ༻஌ݟʯΛ޿Ί͍ͨ • ʮதԝूݖ͔Β෼ࢄ؅ཧʯʹৼΓࢠΛ໭͍ͨ͠

42. Entropicͷΰʔϧ • ʮԿ΋͠ͳ͍Ͱnpm͕౗ΕΔ͔ɺ༗ޮࡦ͕ग़Δ ·Ͱ଴ͭʯҎ֎ͷબ୒ࢶΛ༻ҙ͍ͨ͠ • ʮRegistryͷӡ༻஌ݟʯΛ޿Ί͍ͨ • ʮதԝूݖ͔Β෼ࢄ؅ཧʯʹৼΓࢠΛ໭͍ͨ͠ OQNΛ౗ͧ͢ʂͰ͸ͳ͘ɺΈΜͳͰӡ༻஌ݟΛ ߴΊͯ෼ࢄ؅ཧͰ͖ΔΑ͏ʹ͠Α͏͕ΰʔϧ

43. ·ͱΊ

44. ·ͱΊ • npm vs yarn ͱ͔ͷ࿩Ͱ͸ͳ͘ɺࠓ΍ JavaScript Registry ͸༗ޮࡦ͕ग़ͳ͍ݶΓ·ͣ ͍ঢ়گ

    • ࠓٻΊΒΕͯΔͷ͸Registryͷӡ༻஌ݟ • ࠓޙͲ͏ͳΔ͔͸ෆ໌ɺΈΜͳͰ༗ޮࡦΛߟ͑ ͍ͯ͘ϑΣʔζ