Standardization of a node.js version

[kirlat]

Some dependencies that are used in our packages require the specific version of node.js. Often it is a requirement to have node.js version no lower than z.y.z. If this requirement is not met, some packages can break the build process and it can be very time consuming to figure out the resolution.

There is currently no way to enforce node.js to be of a specific version. We can set it in the engines field of package.json as following;

"engines": {
    "node": ">= 14.1.0",
    "npm": ">= 6.13.0"
}

This. however, would produce only a warning that can be missed easily. The build process will start (and fail eventually) even if the node version is incorrect.

What's also important is that we do not need node.js to run a production version of our apps. The node.js is required for the build process only. This would reduce requirement to the reliability and would allow us to use newer versions of node that support latest features. There is no need to stick to the LTS version. This would also mean that the node versions would change more often comparing with those of LTS. And we need to make those changes less painful.

One of the suggestions I've found on the topic is to install node.js as a local dependency. The local node can then be used instead of a global version for the build process. This would allow us to specify exactly what node version is required and it will be installed automatically. The details are here: https://nitayneeman.com/posts/standardizing-node.js-version-in-an-npm-package/.

It seems like a plausible solution to me and I don't see any big drawback at the moment. But we also have not tried it yet and there might be always something unexpected. What do you think? Would that help us to improve a stability of our builds?

[kirlat]

The similar solution was suggested by the npm maintainer: npm/rfcs#50 (comment)

It does not allow to lock the npm version but I see no need for us to do that at the moment.

[balmas]

I think it could be okay. It seems somewhat analogous to what the GitHub workflows does -- i.e. you have to specify the version of node to run the container. I was trying to think if there was any way that could help us here -- i.e. if our development process requires us to setup a GitHub workflow for building and testing, the tests would fail with the wrong node version, but I'm not sure it really helps with the problem of a development environment using the wrong version.

[irina060981]

I am not sure that this variant is helpful for Windows 10, I was to install the latest versin from the node website.
So If I won't see some breaking errors during the build I won't update node manually.
And I think that it could be the same for some other developers.

[kirlat]

I am not sure that this variant is helpful for Windows 10, I was to install the latest versin from the node website.
So If I won't see some breaking errors during the build I won't update node manually.
And I think that it could be the same for some other developers.

The article says that it should be sufficient to install the node package as a dev dependency from package.json of the project. I'm not sure if it would work in Windows 10, but I think it might? I can try it and see if it will bring any problems other than an increased size of the dependencies.