
NPM: What side effects does it have for the Web?



Modern web development - and software development in general - can no longer contemplate its processes without the use of package managers.

Gone are the times when, to develop a website, all we used was HTML, CSS, and JavaScript, without having to transpile, compile, or use build tools that consume resources and time.

Today we will focus on the use of one of these tools, NPM, and we will look at some data on the impact and some side effects that it has on the Web, and in current Web development.

What is NPM?

NPM, from Node Package Manager, although it is also said that "npm is not an acronym", is a package manager for the JavaScript programming language.

It is owned by GitHub - Microsoft and is the default package manager for the Node.js runtime. There are other managers, but NPM is surely the most popular.

In addition to NPM, you can also find, in the market, alternatives such as Yarn, or Pnpm.

Tools like NPM have revolutionized the Web Development sector by allowing you, among many other things, to share code with your team, your organization, or with other programmers from parts of the world whose names are unpronounceable in Spanish.

NPM is used by millions of developers around the world thanks to the commitment of npm, Inc. to bring “JavaScript development to elegance, productivity, and security.”

NPM lets you take advantage of the liveliness of the JavaScript ecosystem, and not have to reinvent the wheel with problems already solved by the open-source community.

What is the problem?

1.3 million. According to Wikipedia - congratulations on 20 years - there are currently over 1.3 million packages available on the main npm registry. Don't you think that this fact also contributes to web obesity?

Contributes to the obesity of the web

I wonder what carbon footprint all the build time leaves on the environment, for each system with tens, or even thousands, of packages, in the test environment and in the production environment. Do you know any other programming language with so many modules?


Source: http://www.modulecounts.com/

Without wanting to seem a detractor of NPM - on the contrary, since I cannot imagine my work without npm or yarn - I think that a serious debate or reflection on the disorderly use of package managers is beginning to be necessary.

Increase the carbon footprint

I think there is a lot of code right now in NPM. Right now, Gatsby alone has 153 dependencies, according to npmjs.com. If one of those dependencies has at least one dependency, are we already talking about 306 dependencies?

In this way, there is no doubt about the obesity of the web, and of the node_modules directory of each project as well.
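To put numbers on how far the installed tree goes beyond what package.json declares, the following added example (not code from the original article) summarises a package-lock.json in lockfileVersion 2 or 3 format. The function name summarizeLockfile and the sample lockfile with its package names are constructed for illustration; hasInstallScript is the field npm writes for packages that run scripts during npm install.

```javascript
// Added example: summarise an npm lockfile (lockfileVersion 2 or 3).
// sampleLock is constructed for illustration; the package names are placeholders.
const sampleLock = {
  name: "demo-site",
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "static-gen": "^1.0.0" }, devDependencies: { "lint-tool": "^2.0.0" } },
    "node_modules/static-gen": { version: "1.0.0" },
    "node_modules/tiny-util": { version: "2.1.0" },
    "node_modules/img-native": { version: "1.3.0", hasInstallScript: true },
    "node_modules/lint-tool": { version: "2.0.0", dev: true },
    "node_modules/lint-tool/node_modules/tiny-util": { version: "1.4.0", dev: true },
  },
};

function summarizeLockfile(lock) {
  const packages = lock.packages || {};
  const root = packages[""] || {};
  const direct = new Set([
    ...Object.keys(root.dependencies || {}),
    ...Object.keys(root.devDependencies || {}),
  ]);
  const versionsByName = new Map();
  const installScripts = [];
  let installed = 0, transitive = 0, devOnly = 0;

  for (const [path, meta] of Object.entries(packages)) {
    // Skip the project itself, workspace links and workspace source folders.
    if (path === "" || meta.link || !path.includes("node_modules/")) continue;
    // "node_modules/a/node_modules/@scope/b" -> "@scope/b"
    const name = path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);
    installed += 1;
    // Anything that is not a top-level copy of a declared dependency arrived indirectly.
    if (!(direct.has(name) && path === `node_modules/${name}`)) transitive += 1;
    if (meta.dev) devOnly += 1;
    // Packages flagged here execute code on the machine at install time.
    if (meta.hasInstallScript) installScripts.push(`${name}@${meta.version}`);
    if (!versionsByName.has(name)) versionsByName.set(name, new Set());
    versionsByName.get(name).add(meta.version);
  }
  // The same package present in several versions is pure duplication on disk.
  const duplicated = [...versionsByName]
    .filter(([, versions]) => versions.size > 1)
    .map(([name, versions]) => `${name} (${[...versions].sort().join(", ")})`);
  return { direct: direct.size, installed, transitive, devOnly, duplicated, installScripts };
}

console.log(summarizeLockfile(sampleLock));
```

For a real project, pass the parsed lockfile instead of the sample: JSON.parse(require("fs").readFileSync("package-lock.json", "utf8")).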

To give you an idea, one of our latest node_modules projects had the following characteristics:

  • $ du -sh node_modules
  • 837M node_modules

We found it outrageous. We had to investigate why.

From the terminal, you can run du -sh ./node_modules/* | sort -hr | grep -E '^[0-9.,]+M' to find out which modules take up the most disk space. Then you can try to simplify the structure of your dependency tree, or directly eliminate the modules that you are not using and do not plan to use in the future. You will most likely also remove some outdated dependencies.

How do dependencies accumulate over time?

There are different types of dependencies. Therefore, depending on the project, you may find dependencies that are essential for the code of your project to work, but you also have development dependencies, for example a library that helps you write cleaner code, or even third-party dependencies that are not available in NPM, etc.

Visual example of the relationship between dependencies

How about this galaxy of Gatsby.js dependencies?

Exponential growth of the dependency network

Interesting? Find Gatsby, if you can. The bad news is that I couldn't get to the bottom to see the total dependencies. Worrying. You can try it yourself and then comment below what your dependency network looks like!

What is the solution?

I don't have the exact solution for this problem. What I do know is that not all your projects need, or needed, Node.js. Do you agree?

Misuse of complex resources for simple systems

If you need advanced properties and you don't want to program them, know that CSS has evolved a lot in recent years and some native features or properties can replace packages that you use regularly.

The same applies to the new JavaScript properties. Some are so powerful, with features that work in all modern browsers without the need for compilation, that they may be perfect for your static website.

Therefore, for tools like NPM to be part of the solution, and not the problem, I think it is urgent to understand and study the needs of your projects, always. In addition, you can analyze the weight and cost of a package before using it.

Along the same lines, not all websites are complicated or complex enough to need complex pipelines. I think it is important to keep it simple, because everything adds up, and more complexity in the code base means more technology, more tools, more processes, more automation, more errors, more resources, more consumption, less sustainability.

Sustainability issues

The problem of sustainability may be related to the project you have developed, and its useful life. For example, visiting a project months or years later is often a headache.

Even if you only want to make a small change in a variable, you may be surprised to find that one of the dependencies no longer works, is obsolete, or does not exist, and you can no longer compile the project while the client is waiting. The same can happen with Node. How many times have you had to reinstall it on your Mac OS?

Instead of installing a new dependency - from another dependency - why not try to develop it yourself? Maybe it's only 3 lines of code. I don't think it is a problem to reinvent the wheel, as long as this wheel means more efficiency for your product, project and future.


To conclude, the fashionable language, JavaScript, and NPM allow you to have a lot of flexibility when developing a new project. There are always smarter people outside of your organization than inside, and NPM dependencies openly provide this intelligence to you.

But "with great power comes great responsibility." Therefore, whenever you need to run npm install, do not forget that things happen behind the scenes; remember the image of Gatsby from this article. If you don't watch out, the network of dependencies becomes infinite in no time.

