Including third-party library to your GitHub project

Question

Is it appropriate to include a third-party Javascript library to your GitHub repository of the project using that library? Or is it a better practice to define the dependency and a link to it in the README files? Or are there any other best practices to deal with third-party libraries used in your project?

Answer 1

Is it appropriate to include a third-party Javascript library

It may or may not be, depending on the license of the library. For example, if the library is licensed under any of MIT, Apache or BSD licenses, it is generally ok. If it is a GPL license, this generally means that your whole project needs to be under GPL. (Disclaimer: IANAL)

Or is it a better practice to define the dependency

Yes - for the above reasons as well as maintainability. If you include the library in your repository, it will not automatically include bug fixes or a newer version.

are there any other best practices to deal with third-party libraries

Yes, that's what package managers are designed for. Typical package managers are npm and bower.

As an example using bower, your github repository needs to include the file bower.json, like so:

{
  "name": "mylib",
  "version": "1.0.0",
  "main": "path/to/mylib.js",
  "dependencies": {
    "<third-party-library>": "<version>",
  },
}

More options are available to manage development-only dependencies, ignore files on creating a distribution build etc. Check the tutorials on the above link.

Once you have done this, you can register the package to make it easy for others to install e.g. by this command:

bower install mylib

This will automatically install your code along with all dependencies such as the third party library/libraries you mentioned.

Note I'm not advocating bower specifically, it is just one example that works well with git repositories.