TipsAndTricks/NPM
Node.js packages and applications tend to differ from other applications. They tend to have alot of 'smaller' dependencies and often are not very descriptive of what versions of these dependencies they require.
Yocto provides a number to tools to help people packaging node modules from NPM (Node Package Manager) and fit within the traditional metadata structure and obey the do_compile/do_fetch rules as well as helping you check your licensing requirements. This post will show you various methods to make package creation easier.
Recipetool
Recipetool now allows an npm URL to be given like this:
recipetool create "npm://registry.npmjs.org;name=grunt-cli;version=1.1.0"
Note that registry.npmjs.org is the default NPM registry but any registry URL can be used. The name and version tags should be self documenting. Behind the scene, recipetool will download each dependency and write a recipe file. The recipe file is fairly simple but will contain every license that recipetool has found and include it in the LIC_FILES_CHKSUM. Note alot of node modules have unclear licensing so "unknown" happens alot in the LICENSE field, have a look at the modules not listed.
Integrity of your package
Recipetool will also create a shrinkwrap and lockdown file for your recipe. Shrinkwrap files in npm are used to make sure that the full dependency chain of a node module is the same as the user expected. Alot of packages don't provide this so we create one on the fly, you can replace it with your own. Lockdown checks that the files recipetool downloaded are the same as the ones your users will download when using your recipe. This simply checks dependencies have not been changed and that your NPM registry is still handing out the same file.
Building & dependencies
Some stuff here
