Hi, @xiaohuoni
According to npm’s installation rule, it parses the package.json based on the libraries’s declaration order, to construct the node_modules tree. For the libraries that have not been installed in the project, node_modules tree can share them by putting them at the top level of the tree. For the libraries that have been installed, it checks whether their specified version constraints are compatible with the installed ones. If yes, npm ignores them, otherwise, npm will put such duplicated libraries in the subfolders (npm’s sandboxes).
We installed and analyzed the alita, and found that it is large in size. alita’s node_modules tree has installed 2134 libraries. 1249 out of 2134 libraries are shared at the top level of the tree, while 885 libraries are the duplicated in the sandboxes. We further checked the duplicated libraries, and listed the them as follows (format: library name, version number, the number of installations on the node_modules tree). For example, “source-map, 0.6.1, 85” denotes that library source-map 0.6.1 has been installed 85 times in this project.
Clicking for details (duplicated libraries)—
source-map, 0.6.1, 85
chalk, 2.4.2, 77
supports-color, 6.1.0, 76
supports-color, 5.5.0, 75
postcss, 7.0.32, 75
rc-util, 5.0.4, 22
postcss-value-parser, 3.3.1, 17
isarray, 1.0.0, 16
readable-stream, 2.3.7, 14
string_decoder, 1.1.1, 14
isobject, 3.0.1, 14
mkdirp, 0.5.5, 12
extend-shallow, 2.0.1, 11
rc-animate, 3.1.0, 11
ms, 2.1.2, 10
kind-of, 6.0.3, 8
rc-trigger, 4.3.0, 8
rc-align, 4.0.0, 8
bn.js, 4.11.9, 7
debug, 4.1.1, 7
ansi-regex, 2.1.1, 5
warning, 4.0.3, 5
schema-utils, 1.0.0, 5
define-property, 0.2.5, 5
is-accessor-descriptor, 1.0.0, 4
is-data-descriptor, 1.0.0, 4
is-descriptor, 1.0.2, 4
strip-ansi, 6.0.0, 4
path-to-regexp, 1.8.0, 4
cssesc, 2.0.0, 4
postcss-selector-parser, 5.0.0, 4
loader-utils, 2.0.0, 4
is-number, 3.0.0, 4
kind-of, 3.2.2, 4
ansi-regex, 5.0.0, 4
define-property, 1.0.0, 3
color-convert, 2.0.1, 3
color-name, 1.1.4, 3
path-key, 3.1.1, 3
get-stream, 5.1.0, 3
has-flag, 4.0.0, 3
safe-buffer, 5.2.1, 3
supports-color, 7.1.0, 3
react-router, 5.1.2, 3
mini-create-react-context, 0.3.2, 3
is-fullwidth-code-point, 3.0.0, 3
string-width, 4.2.0, 3
react-router-dom, 5.1.2, 3
babel-plugin-dynamic-import-node, 2.3.3, 3
regenerator-runtime, 0.13.5, 3
fs-extra, 7.0.1, 3
camelcase, 5.3.1, 3
ansi-styles, 2.2.1, 3
range-parser, 1.2.1, 3
chalk, 1.1.3, 3
debug, 3.2.6, 3
braces, 2.3.2, 3
fill-range, 4.0.0, 3
strip-ansi, 3.0.1, 3
supports-color, 2.0.0, 3
micromatch, 3.1.10, 3
to-regex-range, 2.1.1, 3
pify, 3.0.0, 3
ajv, 6.12.2, 3
fast-deep-equal, 3.1.3, 3
ansi-styles, 4.2.1, 3
postcss-selector-parser, 3.1.2, 3
which, 2.0.2, 2
glob-parent, 3.1.0, 2
is-glob, 3.1.0, 2
bytes, 3.1.0, 2
qs, 6.7.0, 2
resolve-from, 3.0.0, 2
@babel/traverse, 7.10.0, 2
find-up, 2.1.0, 2
locate-path, 2.0.0, 2
is-extendable, 1.0.1, 2
punycode, 1.4.1, 2
p-limit, 1.3.0, 2
p-locate, 2.0.0, 2
p-try, 1.0.0, 2
is-stream, 2.0.0, 2
readable-stream, 1.1.14, 2
string_decoder, 0.10.31, 2
npm-run-path, 4.0.1, 2
set-value, 2.0.1, 2
get-stream, 4.1.0, 2
cross-spawn, 5.1.0, 2
path-to-regexp, 2.4.0, 2
inherits, 2.0.3, 2
shebang-regex, 3.0.0, 2
shebang-command, 2.0.0, 2
So many duplicated libraries could cause potential problems, such as: slower installs, exploding bundle sizes, and so on.
Based on npm’s installation rules, we comprehensively analyzed the compatibilities of all the transitive dependencies’ version ranges and the topological structure of your node_modules tree. We suggested alita add the following duplicated libraries with their compatible versions into the package.json file (as shown in the attachment), which help to refactor the project’s node_modules tree.
Clicking for details—
"isarray": "1.0.0",
"readable-stream": "2.3.6",
"kind-of": "3.2.0",
"ms": "2.1.1",
"isobject": "3.0.1",
"source-map": "0.6.1",
"mkdirp": "0.5.3",
"debug": "4.1.1",
"extend-shallow": "2.0.1",
"@babel/types": "7.10.2",
"is-number": "3.0.0",
"braces": "2.3.2",
"pify": "3.0.0",
"semver": "6.3.0",
"supports-color": "6.1.0",
"postcss": "7.0.27",
"glob-parent": "3.1.0",
"micromatch": "3.1.10",
"find-up": "2.1.0",
"path-key": "3.1.0",
"ajv": "6.12.0",
"strip-ansi": "5.2.0",
"ansi-regex": "2.1.1",
"path-type": "3.0.0",
"emojis-list": "3.0.0",
"chalk": "2.4.2",
"camelcase": "5.3.1",
"regenerator-runtime": "0.13.5",
"@babel/parser": "7.9.4",
"array-union": "1.0.2",
"rc-util": "5.0.4",
"postcss-value-parser": "3.3.1"
After cleaning the local installation environment and re-installing alita based on the revised package.json file, we found that the node_modules tree totally installs 1674 libraries, including the 1249 ones at the top level, 425 ones in the sandboxes. As such, the revised package.json file reduces 460 duplicated libraries for alita. In this manner, alita’s size is shrunk from 500MB to 357MB, reducing 7745files (from 58189 to 50444) and 1511 folders (from 7534 to 6023) in total. Note that, all the added directed dependencies in package.json file are deduced based on the original node_modules tree, which will not miss any required dependencies.
Before refactoring dependency tree——
After refactoring dependency tree——
package.json.txt
package-lock.json.txt
Would you like to adopt this suggestion to shrink the project’s size?
Thank you for your attention.
Best regards.