Why is local compilation preferred to pre-built binaries in the check.js script?

[Chocobozzz]

Hi,

First, thank you for this very useful library and for maintaining it.

I'm the maintainer of an open source node application, PeerTube, that will use sharp to manipulate images. Sysadmins of this node application will use pnpm to install PeerTube dependencies, and so sharp dependency.

I understand I can add sharp to ignoredBuiltDependencies in pnpm-workspace.yaml to skip check.js script. But it will cause problems on systems that don't have sharp prebuilt binaries (like FreeBSD).

So I'd rather add sharp to onlyBuiltDependencies, but it seems check.js prefer to compile sharp instead of using prebuilt binaries (if available). Can you explain this choice? I'd prefer using prebuilt binaries if available, to prevent compilation errors and have a faster pnpm install.

Thank you

[lovell]

Hello, this logic will be going away in the next release (via commit e1bad54), in part due to npm removing custom config, as well as a wider move in the JS package manager ecosystem to prevent install scripts running by default.

[Chocobozzz]

Thank you for your answer. With this new method, what will be the output for FreeBSD users that pnpm install in a project that has sharp dependency? Will the error occur during installation or at runtime?

I guess I have to change the PeerTube installation doc from

pnpm install --frozen-lockfile

to

pnpm install --frozen-lockfile
npm explore sharp -- npm run build # For FreeBSD users

[lovell]

Those using platforms without prebuilt binaries will experience an error with lots of help at runtime.

However thinking about this a bit more, maybe the WebAssembly package should be used for all other platforms. I'll need to do some experimenting with this using the emulated FreeBSD CI environment (which is currently allowed to fail).