As a node.js hater with a prevailing preference to keep the Tryton modules in python, I’m curious if there has been any recent evaluation of rewriting (porting) the webclient back to python…
Yes javascript has it’s drawbacks. The same applies for Python. For me it’s the best tool for the job. Python (together with Tryton) as the backend where almost all the logic lives. Javascript (together with EmberJS) for the frontend app for a nice and crispy user experience. Also with javascript you can have one codebase for your app and add extra logic for building the app for different OS-es.
So I don’t think I’m understanding you correctly, but do you mean creating a webserver and serving pages rendered by the webserver? Like Django does? If so, you don’t understand how sao is working. It’s a webapp, the builded (minified, zipped etc) app is downloaded to your browser and then fired up. After that it is doing the same thing as the desktop-client: just sending JSON-RPC messages to Tryton, which reacts with data. That data is then displayed to the user.
$ npm install --production
npm WARN deprecated bower@1.8.4: We don’t recommend using Bower for new projects. Please consider Yarn and Webpack or Parcel. You can read how to migrate legacy project here: How to migrate away from Bower? · Bower blog
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated coffee-script@1.3.3: CoffeeScript on NPM has moved to “coffeescript” (no hyphen)
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated nomnom@1.8.1: Package no longer supported. Contact support@npmjs.com for more info.
npm WARN deprecated hoek@2.16.3: This version is no longer maintained. Please upgrade to the latest version.
npm WARN deprecated boom@2.10.1: This version is no longer maintained. Please upgrade to the latest version.
npm WARN deprecated cryptiles@2.0.5: This version is no longer maintained. Please upgrade to the latest version.
…
npm notice created a lockfile as package-lock.json. You should commit this file.
added 254 packages from 218 contributors and audited 1380 packages in 40.808s
found 65 vulnerabilities (32 low, 23 moderate, 10 high)
run npm audit fix to fix them, or npm audit for details
these are already quite troubling for a system manager. pip is bad enough, but becomes unnecessary when the prereq’s are duly installed by the system package manager.
If there would be a need/interest for a unified/shared codebase for the client, kotlin could be an option as it has native multiplataform as a goal. Those seem to be quite experimental and interesting.
The 162M for sao is the development version. You have to check the production-version which should not be bigger than 5M.
The point is that Javascript is developing very fast with new tools, updated libraries etc. That’s why I’m using a framework like EmberJS (you can use Angular or React or Aurelia that’s up to you), so I can focus on the app itself where EmberJS continously update to use the newest libraries and tools. This comes at the cost of a bigger builded app but with the advantages of more focus on the app.
That’s quite interesting indeed. But you have to learn a new language and it used JVM which can also be a pain in the back because of different versions.
Considering PhantomJS found at /usr/sbin/phantomjs
Found PhantomJS at /usr/sbin/phantomjs …verifying
Error verifying phantomjs, continuing { Error: Command failed: /usr/sbin/phantomjs --version
/usr/sbin/phantomjs: error while loading shared libraries: libicui18n.so.62: cannot open shared object file: No such file or directory
at ChildProcess.exithandler (child_process.js:294:12)
at ChildProcess.emit (events.js:189:13)
at maybeClose (internal/child_process.js:978:16)
at Socket.stream.socket.on (internal/child_process.js:395:11)
at Socket.emit (events.js:189:13)
at Pipe._handle.close (net.js:610:12)
killed: false,
code: 127,
signal: null,
cmd: ‘/usr/sbin/phantomjs --version’ }
Downloading https://github.com/Medium/phantomjs/releases/download/v2.1.1/phantomjs-2.1.1-linux-x86_64.tar.bz2
Saving to /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
Receiving…
[=======================================-] 99%
Received 22866K total.
Extracting tar contents (via spawned process)
Removing /home/richard/src/tryton-env/sao/node_modules/phantomjs-prebuilt/lib/phantom
Copying extracted folder /tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1545824881689/phantomjs-2.1.1-linux-x86_64 → /home/richard/src/tryton-env/sao/node_modules/phantomjs-prebuilt/lib/phantom
Writing location.js file
Done. Phantomjs binary available at /home/richard/src/tryton-env/sao/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs
added 337 packages from 223 contributors and updated 1 package in 27.857s
fixed 4 of 65 vulnerabilities in 1380 scanned packages
1 vulnerability required manual review and could not be updated
7 package updates for 60 vulns involved breaking changes
(use npm audit fix --force to install breaking changes; or refer to npm audit for steps to fix these manually)
$ du -hs .
259M .
Regardless, it is a mess and seemingly highly vulnerable… more than questionable for a production machine.
Let me ask perhaps a real stupid question, how did OpenERP do their web client without all the node.js hocus pocus and bloat; I believe it was also in javascript, no?
node_modules aren’t necessary for deployment (not need on the webserver).
as you noted, bower_modules contains documentation that aren’t necessary for deployment.
on OpenBSD, the port for sao install a directory with 15.5Mo (well, currently it is 67Mo, but your post makes me consider to check, and I am cooking a diff to remove docs/ directories ).
Indeed but it’s a bit like saying “you can not run tryton without gtk”.
jQuery + bootstrap is a bit like gtk (but we have to build everything from scratch), etc.
Of course it’s like having one gtk library per browser tab but that’s the way the web works …
Well if you go on their github page you’ll see that the project is 46% Javascript and 43.4% python, so yes they have a lot of javascript. And I think that their web client is distributed through their web addons:
And they use grunt, npm, etc to build their client.