New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Include Hilla dependencies in the default package-lock.json file #19298
Comments
The Is the issue only about development mode, or also production build? I guess that when using the dev-bundle, it could be fine to have also Hilla packages, but I suppose this should not happen with the production bundle for a pure Flow application. |
Would it also include them in package.json and enforce their visibility to SBOMs? If so: I don't like :) |
Those dependencies are currently added on top of the default |
We shouldn't add those dependencies to the default prod bundle since that would just increase the size of the bundle without any benefits. I suspect that adding them only to the dev bundle might cause more problems similar to #18979. |
So, it looks like we need to have separate pre-compiled dev and prod bundles for Flow / Flow+Hilla, and make Flow unpack the correct resources for the user project, based on the same checks we do to detect if Hilla is used. |
Would it be practical to just have an additional |
So basically, the current a bundle should only have an additional |
That might make sense. Just need to verify that there isn't the same kind of slowdown if the |
A 'hybrid-package-lock.json', containing also Hilla dependencies, is added to the vaadin-dev-bundle artifact, so that Flow can chose the appropriate lock file based on the project configuration. Part of vaadin/flow#19298
The package-lock.json provided by the pre-compiled dev-bundle contains no Hilla dependencies, slowing down the first frontend build. This change attempts to extract a package-lock.json file specific to the hybrid application from the bundle, possibly falling back on the standard one. Fixes #19298
A 'hybrid-package-lock.json', containing also Hilla dependencies, is added to the vaadin-dev-bundle artifact, so that Flow can chose the appropriate lock file based on the project configuration. Part of vaadin/flow#19298
A 'hybrid-package-lock.json', containing also Hilla dependencies, is added to the vaadin-dev-bundle artifact, so that Flow can chose the appropriate lock file based on the project configuration. Part of vaadin/flow#19298
A 'hybrid-package-lock.json', containing also Hilla dependencies, is added to the vaadin-dev-bundle artifact, so that Flow can chose the appropriate lock file based on the project configuration. Part of vaadin/flow#19298
The package-lock.json provided by the pre-compiled dev-bundle contains no Hilla dependencies, slowing down the first frontend build. This change attempts to extract a package-lock.json file specific to the hybrid application from the bundle, possibly falling back on the standard one. Fixes #19298
The package-lock.json provided by the pre-compiled dev-bundle contains no Hilla dependencies, slowing down the first frontend build. This change attempts to extract a package-lock.json file specific to the hybrid application from the bundle, possibly falling back on the standard one. Fixes #19298
…) (#19363) The package-lock.json provided by the pre-compiled dev-bundle contains no Hilla dependencies, slowing down the first frontend build. This change attempts to extract a package-lock.json file specific to the hybrid application from the bundle, possibly falling back on the standard one. Fixes #19298 Co-authored-by: Marco Collovati <marco@vaadin.com>
This ticket/PR has been released with Vaadin 24.4.0.beta3 and is also targeting the upcoming stable 24.4.0 version. |
Description of the bug
The initially provided
package-lock.json
file does not include Hilla dependencies. This slows downnode_modules
population from 8 seconds to 34 seconds on my fast network connection and probably significantly more on slower connections.Expected behavior
Expected that all dependencies in the default
package.json
file are also covered by the defaultpackage-lock.json
file.Minimal reproducible example
src/main/frontend/views/@index.tsx
file with some dummy contentmvn
.using '...' for frontend package installation
is logged but beforeFrontend dependencies resolved successfully.
npm ci
and notice errors about missing dependencies.Versions
The text was updated successfully, but these errors were encountered: