Menu
I making a very simple website (like pastebin) in PHP (LAMP server). This site uses jquery and bootstrap. I was using bower earlier, but I want to switch to using npm instead.
My directory structure is like this:
When I was using bower, I used to upload the whole bower_components folder to my FTP server. My node_modules folder is pretty large and contains hundreds of files and so I'm not sure if I should be uploading it?
I guess I can just upload package.json and run npm install on the command line of my webserver after uploading, but will exposing node_modules folder to the public pose potential security risks?
874
No, You don't need to push your node_modules folder to production whether it is a static export or dynamic build. When you export a static build the source file is converted into HTML & js files. So there is no need for node modules on production env.
Yes you can copy whole node_modules (have done it multiple times) from one project to another and use same package. json and package-lock (Will only save time in dependencies installation/download)
No, you don't need to add your node_modules . Would recommend you check out the docs about how to go about deploying your Next. js application, but in essence: run next build.
Your node_modules folder should be in your .gitignore -if you are using git-. And no, you don't upload the whole folder. You, as you say, run npm install. This also applies to bower, you shouldn't upload the bower_components folder, you should run the command in your server.
As for the other part of the question, you shouldn't either expose node_modules. What you do is use some task manager or some bundler (gulp, grunt, webpack) and create a bundled (or concatted) version of your files (css and js). Once you have this file, that's what you expose. That's what you include in your index, for example <script src="dist/bundle.min.js"></script>
86
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
