-
Notifications
You must be signed in to change notification settings - Fork 309
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Huge shrinkwrap with oclif latest #1324
Comments
Thanks for bringing this up @otaviojacobi There was as point in time when we required CLIs to have the aws-sdk as a devDependency so that oclif could use that instead of having to depend on it itself (see the description for So, yeah, I agree that there's a better approach to this but it will have to wait until we do the next major version. Not sure exactly when that would be since we typically like to have a few breaking changes lined up so we can reduce the number of majors that we release. |
Hello @mdonnalley why would moving these into a optional dependency (rather than a dev one) be a breaking change? It would still install by default on npm i --production (or just npm i) but just not if you explicitely install it without the optional ones. It would just probably require a few changes on how inner modules import things Thanks! |
My thought was if the optional dependency fails to install and/or the user intentionally omits optional dependencies, then any command that depends on aws-sdk will fail, which might be unexpected for the user. Consider a CLI that currently uses the Perhaps there's a way to make the change without disrupting anyone's CI but I think it's best to operate with an abundance of caution for changes like this. |
That makes sense, thanks for clarifying. For anyone facing the same issue, I have minimized the impact of this by removing oclif of my dev dependencies and on my ci workflw I do "npm i oclif --no-save" in order to be able to use it without having to keep the huge dev dependencies. |
I'm not sure if our issue is related to this, but I'm about to migrate to another CLI framework because I feel our CLI is getting extremely bloated and hard to install.
This adds up to ~50Mb of download. And I have "oclif" as devDependency. |
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days. |
Newer versions of oclif (v4) use aws-sdk v3 which end up generating a huge shrinkrwarp file if you have oclif as a dev dependency (and use it programatically from within ts/js code). The fingerprint of aws-sdk v3 is so large that my CI fails with too many open files (which can indeed be workaroundable) but all that for a dev dependency of a aws-sdk that I don't even use as I don't use the commands that push anything to s3.
One simple way to reproduce/check is to just run
npm i --save-dev oclif@^3.0.0
andnpm i --save-dev oclif@^4.0.0
and compare tha package-lock.json difference. Deduped it went from ~8k lines to ~50k lines.I would like to propose that
@aws-sdk/client-cloudfront
@aws-sdk/client-s3
to become optional dependencies (and that the code is refactored in a way that initialization won't fail if these are not present) so that clients can choose wether or not these are installed & generate these huge diff from previous versions.I can also work on a PR for it if we can agree that this is something that would be valuable for oclif.
Thanks!
The text was updated successfully, but these errors were encountered: