Skip to content

Dependencies

Jiří Cihelka edited this page Dec 29, 2023 · 3 revisions

Description and guide to dependencies of the library.

How to add a dependency

Dependencies are managed using the npm package manager CLI.

Development dependencies

Adding a development dependency is easy. Just run the following command:

npm install --save-dev <package-name>

This will install the package and add it to the devDependencies section of the package.json file. The package will be installed in the node_modules directory.
The package will be installed as a development dependency, which means that it will not be included in the deployed version of the library.

Full overview of development dependencies can be found in the package.json file.

Production dependencies

Currently the library has no production dependencies.

Adding a production dependency can be done in the same way as adding a development dependency:

npm install --save <package-name>

This will install the package and add it to the dependencies section of the package.json file. The package will be installed in the node_modules directory.

Dependencies best practices

Development dependencies

Adding a development dependency is possible without many restrictions. If the dependency is needed and the goals achieved by it cannot be easily achieved in another way, then it can be added as a development dependency.

Production dependencies

When adding a production dependency, it is necessary to consider the following:

  • Is the dependency really needed?
    It is not good practice to add many dependencies. Only add dependencies, whose goals cannot be easily achieved in another way.
  • Is the dependency compatible with the library license?
    The license of the dependency must be compatible with the license of the library.
  • Is the dependency maintained?
    Avoiding dependencies that are not maintained is a must. We do not want to depend on a library that is not maintained, because it could stop working at any time.
  • Is the dependency secure?
    As our library isn't made for networking/infrastructural purposes, we don't need to worry too much about security. We however still need to avoid critical bugs like remote code execution, which could be used to compromise the user's system.
  • Is the footprint of the dependency acceptable?
    One of the key goals of the library is to be as lightweight and as fast as possible. It is important to consider the performance and size impact of the dependency. When using functions from a dependency, make sure that the functions do only what you need them to do (no unnecessary checks or side effects). Do not however over-optimize. If a call is made infrequently, it is not necessary to optimize it. A good rule of thumb is to care about performance, when the function is called during a calculation of some GeometryObjects property. For example exporting and file operations are not performance critical, so it is not necessary to optimize them.

It is also a good idea to loosely couple the dependency with the library. This means that the dependency should be used only in a few places in the library and that it should be possible to easily replace it with another dependency or with a custom implementation.

Clone this wiki locally