Ranked in these QuestionsQuestion Ranking
Pro Best way to share code with the backend
If you're using node.js as your backend, you gain a lot of flexibility by using the same package manager for the frontend and backend, making it much easier to share code without adding one more tool to an already large toolbase.
Pro Huge active ecosystem
Npm gains a lot from its large community, and the activity from node.js gives npm the largest set of active repositories. Since so many people already use npm, chances are the library you need has already been added to npm, and many new authors are writing their libraries with npm in mind.
Pro Client side shims provided by Browserify
Browserify provides client side versions of non I/O related built in npm modules. This allows you to use the path manipulation, crypto, and zip libraries on the client side.
Pro All modules must implement CommonJS modules which leads to cleaner dependency management
Because all npm modules need to follow the CommonJS format, it's much easier to set up dependencies through the require function.
Pro Support multiple bundles
Browserify allows splitting up bundles among multiple pages to get the benefit of caching for shared, infrequently-changing modules, while still being able to use require().
Pro Easy to create bundles
Because of the nature of Browserify, it's easy to
require different dependencies and concatenate them into one minified file.
This helps with performance and load times, especially for mobile devices.
Pro Browserify shim allows you to use non Common JS formatted packages
Browserify shim is a transformation extension for Browserify that lets you load in libraries that do not follow the Common JS structure (using an exports module). This allows you to explicitly define what globally defined variables should be exposed by a
require statement so you can control how you load in these poorly formatted libraries safely without polluting the global scope.
Because the Common JS style loads in required libraries within a closure, any variables defined in a library will not pollute the global scope. Browserify shim lets you define which variables defined within that closure to map to the
exports variable that Common JS expects in a safe and explicit way through declarations in your project's
Pro Can also flatten the dependency tree with dedupe
npm dedupe lets you flatten the dependency tree.
Npm has a very handy dedupe tool. What this tool does is that it checks the dependency tree to find modules that depend on third dependencies. If a suitable version for all modules exists, it keeps that version and deletes any other versions that are not needed.
For example, in this dependency graph:
a +-- b <-- depends on firstname.lastname@example.org | -- email@example.com -- d <-- depends on c@~1.0.9 -- firstname.lastname@example.org
dedupe will transform it to:
a +-- b +-- d -- email@example.com
What it did was to make sure that both
d got their dependency met by a single
c module. It then deleted all the unneeded versions of the
Pro Can include HTML, CSS and images as well
Con Familiarity with Node is required
Browserify's documentation assumes that you have some familiarity with Node before starting to work with it. Some methods are not explained very thoroughly and others are assumed to be already known by the developer.
For example, Node's
module.exports is not explained, it's just mentioned that browserify modules can be exported using it. Which is fine, but for a developer not used with Node, or a front-end engineer that has never used Node it can be confusing.
Con Potentially hijacked and malicious packages
Con Post-install scripts
Packages shouldn't need post-installing. They should be an enclosed unit. This is another potential attack vector.