From 545c067f9a48dd91cde766e4ebcf5df3ab44d5df Mon Sep 17 00:00:00 2001 From: Paul Eggleton Date: Thu, 16 Apr 2020 09:49:32 +1200 Subject: dev-manual: basic updates for npm fetcher changes Update the npm:// URL and the generated npm recipe, and remove references to NPM_SHRINKWRAP, NPM_LOCKDOWN and lockdown functionality in general. (From yocto-docs rev: bc09233543abbf28adfcc1e214f85ef4c7c56639) Signed-off-by: Paul Eggleton Signed-off-by: Richard Purdie --- .../dev-manual/dev-manual-common-tasks.xml | 52 +++++++++------------- 1 file changed, 21 insertions(+), 31 deletions(-) diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml index 8bb8612e0f..fedc715712 100644 --- a/documentation/dev-manual/dev-manual-common-tasks.xml +++ b/documentation/dev-manual/dev-manual-common-tasks.xml @@ -10590,7 +10590,7 @@ devtool and the NPM fetcher to create the recipe: - $ devtool add "npm://registry.npmjs.org;name=cute-files;version=1.0.2" + $ devtool add "npm://registry.npmjs.org;package=cute-files;version=1.0.2" The devtool add command runs recipetool create and uses the @@ -10615,25 +10615,13 @@ - recipetool creates "shrinkwrap" and - "lockdown" files for your recipe. + recipetool creates a "shrinkwrap" file + for your recipe. Shrinkwrap files capture the version of all dependent modules. Many packages do not provide shrinkwrap files. recipetool create a shrinkwrap file as it runs. - You can replace the shrinkwrap file with your own file - by setting the NPM_SHRINKWRAP - variable. - - - - Lockdown files contain the checksum for each module - to determine if your users download the same files when - building with a recipe. - Lockdown files ensure that dependencies have not been - changed and that your NPM registry is still providing - the same file. A package is created for each sub-module. This policy is the only practical way to have the @@ -10648,23 +10636,26 @@ $ devtool edit-recipe cute-files SUMMARY = "Turn any folder on your computer into a cute file browser, available on the local network." - LICENSE = "BSD-3-Clause & Unknown & MIT & ISC" + LICENSE = "MIT & ISC & Unknown" LIC_FILES_CHKSUM = "file://LICENSE;md5=71d98c0a1db42956787b1909c74a86ca \ - file://node_modules/content-disposition/LICENSE;md5=c6e0ce1e688c5ff16db06b7259e9cd20 \ - file://node_modules/express/LICENSE;md5=5513c00a5c36cd361da863dd9aa8875d \ + file://node_modules/toidentifier/LICENSE;md5=1a261071a044d02eb6f2bb47f51a3502 \ + file://node_modules/debug/LICENSE;md5=ddd815a475e7338b0be7a14d8ee35a99 \ ... - SRC_URI = "npm://registry.npmjs.org;name=cute-files;version=${PV}" - NPM_SHRINKWRAP := "${THISDIR}/${PN}/npm-shrinkwrap.json" - NPM_LOCKDOWN := "${THISDIR}/${PN}/lockdown.json" + SRC_URI = " \ + npm://registry.npmjs.org/;package=cute-files;version=${PV} \ + npmsw://${THISDIR}/${BPN}/npm-shrinkwrap.json \ + " + + S = "${WORKDIR}/npm" + inherit npm - # Must be set after inherit npm since that itself sets S - S = "${WORKDIR}/npmpkg" - LICENSE_${PN}-content-disposition = "MIT" - ... - LICENSE_${PN}-express = "MIT" LICENSE_${PN} = "MIT" + LICENSE_${PN}-accepts = "MIT" + LICENSE_${PN}-array-flatten = "MIT" + ... + LICENSE_${PN}-vary = "MIT" Three key points exist in the previous example: @@ -10757,11 +10748,10 @@ However, the SRC_URI looks like the following: - SRC_URI = "git://github.com/martinaglv/cute-files.git;protocol=https \ - npm://registry.npmjs.org;name=commander;version=2.9.0;subdir=node_modules/commander \ - npm://registry.npmjs.org;name=express;version=4.14.0;subdir=node_modules/express \ - npm://registry.npmjs.org;name=content-disposition;version=0.3.0;subdir=node_modules/content-disposition \ - " + SRC_URI = " \ + git://github.com/martinaglv/cute-files.git;protocol=https \ + npmsw://${THISDIR}/${BPN}/npm-shrinkwrap.json \ + " In this example, the main module is taken from the Git repository and dependents are taken from the NPM registry. -- cgit v1.2.3-54-g00ecf