I will walk through some of the features of Duo adding my own commentary of how well I think Duo lives up to it's promise.
To begin you will need to visit your terminal.
Next Duo needs to authenticate with GitHub so you'll have to add an entry to your
You can create a GitHub token here.
Now you can pull your dependencies straight from GitHub.
var _ = require('lodash/lodash');
While it's a one time thing to setup I don't love the requirement to authenticate with GitHub. I suppose it is handy for accessing private repositories should you have the need.
You will inevitably want to control the versions of your dependencies. Duo accommodates this using semver.
var _ = require('firstname.lastname@example.org');
No manifest is fine if you have a simple project with a single file. If you're dealing with a real world project with many files sharing the same dependency however this approach breaks down. It would be a nightmare trying to manage versions of packages this way.
By default Duo will look for an
index.js file within the repository of the package that you are requiring. Duo provides syntax for specifying another file to load should the main file exist elsewhere.
var _ = require('email@example.com:/dist/lodash.js');
index.js is a sensible default, but if it doesn't exist Duo doesn't fall back to looking at the
package.json. When looking at the 10 most depended upon packages on npm's registry only six provide an
index.js. This requires a developer to look at the repository of the package they want to depend on to discover for themselves what main file to reference.
The one thing Duo does differently than existing package managers is that it merges package management and package bundling into a single tool. Where with npm you would also use something like webpack or browserify, Duo handles both tasks.
$ duo index.js > dist/my-project.js
The biggest catch here is that you have to execute a build step to run code.
First-class support for HTML and CSS
Another unique feature of Duo is the first-class support of HTML and CSS.
var template = require('./template.html');
Duo handles CSS as well.
This is actually a pretty useful feature. Not that it isn't already solved in other ways, but that they handle common use cases is handy.
When you dig a little deeper into Duo you discover that their pitch is actually misleading.
Pull dependencies straight from GitHub, without you needing to edit any package manifest file!
But what this really means is:
You don't need a manifest file to quickly scaffold a proof of concept, but if you are going to use Duo for a real-world app you should actually use a manifest.
Just like Component, Duo uses
component.json to manage package versions (incidentally both Component and Duo are brought to you by Segment).
In the end this really isn't any different than using
package.json with npm.
Ultimately I am not sold on Duo.
On one hand Duo offers:
- Quick scaffolding for small scripts.
- No need to register modules with package registry.
- Private repository support.
- One stop package management and bundling.
- First-class support for HTML and CSS.
- Source transforms for Coffeescript and Sass.
On the other hand:
- Dependencies will end up in
- Need to discover proper main of a package myself in many cases.
- Having a registry to search is useful.
- How do I know if package on GitHub is intended for wide use?
- Building is required to run any code.
- ~/.netrc file required to request packages from GitHub.