-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
how to include third party javascript libraries? #46
Comments
My point of view:
|
Vendoring third-party code and using a package manager are not mutually exclusive, if we choose not to use For npm packages, I actually think we should use a package manager, and check in the fetched source code. This solves the problem both for vendors (use the checked in source code directly) and authors (easy to upgrade using |
I took a stab at the "use yarn" approach. Branch here The package.json files can the pretty small thankfully, only listing dependencies. npm and yarn complain about a missing license field but that is just a warning. One thing I didn't like was checking in the full package including documentation, tests etc. I think having a .gitignore to just 🍒-pick what is needed may reduce the size considerably. But when i looked at least in the case of the sdp package the tests were already not included in the npm package. |
adds a third-party module for SDP parsing, mangling and generation to the webrtc directory. This is going to be used for simulcast tests. Checks in node_modules as well as a package.json and yarn lock files for ease of updating. See web-platform-tests/rfcs#46 for discussіon on the approach
made a PR from the branch |
@fippo this can turn into a ton of technical debt very fast as i'm sure you already know. Also not sure what happens from breaking typical node conventions of traversing My vote/opinion is for placing FWIW just my 2 satoshis. 👍 👍 on the |
ping - if you folks could take a look at the PR @alvestrand just proposed another creative test in which this library would be super helpful :-) |
Hi all, sorry for the delay. I discussed this with @jgraham and @Hexcles today, and we're happy for the proposal from @snuggs to go ahead. That is: i. Add a new directory, This is us (deliberately) deferring on an overall policy for third-party javascript in WPT, but hopefully unblocking your current efforts. I am happy to work on (iii), and look to yourselves to arrange (i) and (ii), if this meets your needs. Thanks! |
Adds the third-party sdp module https://www.npmjs.com/package/sdp in version 2.12.0 and commit 958f22a94231e4c1ca651b4a7d53b0e32bb4a558 without tests or dependencies. See web-platform-tests/rfcs#46 for discussion on how to add third-party javascript.
Adds the third-party sdp module available from https://www.npmjs.com/package/sdp in version 2.12.0 and commit 958f22a94231e4c1ca651b4a7d53b0e32bb4a558 without tests or dependencies. This is going to be used by simulcast tests and is generally useful in manipulating the SDP generated and consumed by WebRTC. See web-platform-tests/rfcs#46 for discussion on how to add third-party javascript libraries.
Thank you (also Harald for pinging)! Made a new PR referenced above this comment, lint seems to be a solved problem ❤️ |
…es for lint, a=testonly Automatic update from web-platform-tests Ignore test suite third_party/ directories for lint See web-platform-tests/rfcs#46 -- wpt-commits: a0d78a7e1b038652bc6d65170f3e994475ecff9c wpt-pr: 22498
…es for lint, a=testonly Automatic update from web-platform-tests Ignore test suite third_party/ directories for lint See web-platform-tests/rfcs#46 -- wpt-commits: a0d78a7e1b038652bc6d65170f3e994475ecff9c wpt-pr: 22498
…es for lint, a=testonly Automatic update from web-platform-tests Ignore test suite third_party/ directories for lint See web-platform-tests/rfcs#46 -- wpt-commits: a0d78a7e1b038652bc6d65170f3e994475ecff9c wpt-pr: 22498 UltraBlame original commit: 58f3a4861472c450cdef0048ef42b0de5a935739
…es for lint, a=testonly Automatic update from web-platform-tests Ignore test suite third_party/ directories for lint See web-platform-tests/rfcs#46 -- wpt-commits: a0d78a7e1b038652bc6d65170f3e994475ecff9c wpt-pr: 22498 UltraBlame original commit: 58f3a4861472c450cdef0048ef42b0de5a935739
…es for lint, a=testonly Automatic update from web-platform-tests Ignore test suite third_party/ directories for lint See web-platform-tests/rfcs#46 -- wpt-commits: a0d78a7e1b038652bc6d65170f3e994475ecff9c wpt-pr: 22498 UltraBlame original commit: 58f3a4861472c450cdef0048ef42b0de5a935739
* webrtc: add third-party sdp module Adds the third-party sdp module available from https://www.npmjs.com/package/sdp in version 2.12.0 and commit 958f22a94231e4c1ca651b4a7d53b0e32bb4a558 without tests or dependencies. This is going to be used by simulcast tests and is generally useful in manipulating the SDP generated and consumed by WebRTC. See web-platform-tests/rfcs#46 for discussion on how to add third-party javascript libraries. * add readme
…stonly Automatic update from web-platform-tests webrtc: add third-party sdp module (#22557) * webrtc: add third-party sdp module Adds the third-party sdp module available from https://www.npmjs.com/package/sdp in version 2.12.0 and commit 958f22a94231e4c1ca651b4a7d53b0e32bb4a558 without tests or dependencies. This is going to be used by simulcast tests and is generally useful in manipulating the SDP generated and consumed by WebRTC. See web-platform-tests/rfcs#46 for discussion on how to add third-party javascript libraries. * add readme -- wpt-commits: 1c48b9809aa82de28b0b450949c2a32590bc61bd wpt-pr: 22557
…stonly Automatic update from web-platform-tests webrtc: add third-party sdp module (#22557) * webrtc: add third-party sdp module Adds the third-party sdp module available from https://www.npmjs.com/package/sdp in version 2.12.0 and commit 958f22a94231e4c1ca651b4a7d53b0e32bb4a558 without tests or dependencies. This is going to be used by simulcast tests and is generally useful in manipulating the SDP generated and consumed by WebRTC. See web-platform-tests/rfcs#46 for discussion on how to add third-party javascript libraries. * add readme -- wpt-commits: 1c48b9809aa82de28b0b450949c2a32590bc61bd wpt-pr: 22557
As part of web-platform-tests/wpt#21855 I've spotted another third party JavaScript library in the repo, https://github.com/nodeca/pako added in web-platform-tests/wpt#19614. |
This is following the directory structure used for webrtc in web-platform-tests/rfcs#46. Spotted via #21855.
This is following the directory structure used for webrtc in web-platform-tests/rfcs#46. Spotted via #21855.
…ty directory, a=testonly Automatic update from web-platform-tests [compression] move pako into a third_party directory (#23592) This is following the directory structure used for webrtc in web-platform-tests/rfcs#46. Spotted via web-platform-tests/wpt#21855. -- wpt-commits: 66e875b5d6bbd71ab24af9ca27d341f242f7a7cb wpt-pr: 23592
…ty directory, a=testonly Automatic update from web-platform-tests [compression] move pako into a third_party directory (#23592) This is following the directory structure used for webrtc in web-platform-tests/rfcs#46. Spotted via web-platform-tests/wpt#21855. -- wpt-commits: 66e875b5d6bbd71ab24af9ca27d341f242f7a7cb wpt-pr: 23592
Noting for the record another PR adding third-party code: web-platform-tests/wpt#23789 It seems to me that right now #46 (comment) is the de-facto overall policy. |
I am somewhat concerned by PRs like that randomly adding third party code under different licenses all over the tree. @foolip started looking at lints for this; I wonder if we could check whether people are adding either |
I've commented on web-platform-tests/wpt#21855 (comment) about the difficulties I ran into and closed the PR to make it clear I'm not making any progress on it, and don't expect to. |
So, we can never stop people adding third party code without us knowing; they could simply copy stuff from any library into a test file and there's no way we can detect that. So, we should concentrate on common things people may do that we can detect, which to me is this list:
It seems to me that adding third-party libraries should be relatively rare, so perhaps we should be strict about this. What about having the following lints:
Then we would explicitly allow specific third_party directories in
|
I think that makes sense, although I'm not fully clear on the details of what you want to lint. I think we can enforce two things:
Other files with a license block are somewhat detectable with a regex lint although it's obviously going to be pretty best-effort. |
Yep, these are what I want to lint :). (actually I had missed the first one, which I think is great!). Ok, I'll work on the lint change, and maybe do some documentation work too. |
Violations of this rule:
|
@foolip looked at some of these https://bugzilla.mozilla.org/show_bug.cgi?id=1637924 is filed for the css-color issue but is waiting for @dbaron I think we can also assume that |
CSS2 is web-platform-tests/wpt#23593, which is waiting on @wseltzer I believe. |
In this chrome CL I tried adding a third-party library for dealing with SDP in webrtc tests. I put a trimmed down version of the code, a README specifying where to obtain it and a LICENSE file into a directory under the one with the tests using it. @foolip was summoned and asked me to raise the issue here.
How should javascript libraries that are third-party be treated? "Third party" in the sense "they existed before, they are independent from wpt and someone else maintains them"
I assume fetching them from the network is off the table since there should be no runtime dependency on the network.
Should they put in a central place so they can be ignored by linters? If they are only used by a particular spec (nothing else on the web uses SDP thankfully) is a place like
<spec>/resources/
better.Should a package manager (npm, yarn, ...) be used? With or without lockfiles etc.
What is the process for updating them (e.g.
npm audit
)? Should local modifications be avoided?Are there licensing concerns that need to be taken care of?
Lots of questions...
in this particular case i'm happy to use the same pattern that is used for webidl2.js
The text was updated successfully, but these errors were encountered: