Dependency Management¶
We have a strict dependency policy for security and stability purposes.
Only necessary dependencies are accepted.
These must have a clear purpose for the project -- especially from external sources like the NPM.
Internal libraries¶
Our own modules are published as a build-time git submodules and are not available from the NPM.
| Project Name | Scope | Purpose |
|---|---|---|
| @heusalagroup/fi.hg.core | Full Stack | Any code that does not have dependencies |
| @heusalagroup/fi.hg.node | Backend / CLI | Module for code which depends on NodeJS |
| @heusalagroup/fi.hg.backend | Backend | Module for code which may depend on NodeJS and is intended to build backends |
| @heusalagroup/fi.hg.frontend | Fronted | Module for user interfaces and React |
| @heusalagroup/fi.hg.matrix | Full Stack | Our extremely lightweight Matrix library which works also on embedded systems (OpenWRT) |
Accepted external libraries¶
| Project Name | Package Name | Scope | Purpose |
|---|---|---|---|
| Lodash | lodash |
Full Stack | Extends JavaScript functionality |
| TypeScript | typescript |
Full Stack | Compiles TypeScript language to JavaScript |
| jest | jest |
Full Stack | Testing framework |
| ReactJS | reactreact-dom |
Frontend | User interface library for the Web |
| Create React App | react-scripts |
Frontend | Environment tools for React development |
| i18next | i18next |
Frontend | Internationalization library |
| React Router | react-router-dom |
Frontend | Library to implement routes on the client side |
| i18next | node-sass |
Frontend | Compiles SCSS to CSS |
| React Router Hash Link | react-router-hash-link |
Frontend | Enables hash based links in the app. You should prefer not to use hash based links, though. |
| ts-node | ts-node |
Backend | Enables TypeScript support for NodeJS |
| node-jws | jws |
Full Stack | JWT support for JavaScript |
It's also acceptable to install @types/FOO dependencies for these projects to add the TypeScript support.
New dependencies¶
For specific purposes it's acceptable to introduce a new library.
You should consult the lead developer in that case.
Some general points to consider while choosing a library:
- It should have a MIT license and other compatible ones
- Prefer zero dep libraries. The module shouldn't have too many dependencies.
- Prefer build time only libraries. We want to have the freedom to compile our code into single small deployable bundle which doesn't have too many dependencies.