Thanks for your answers. But if I can be frank this doesn't really establish anything concrete. I could have a module that worked when I first imported it, but then didn't work after an update. Since node.js maintainers have no way of knowing when they're updating their code that I'm using it with jpm.
The only answer I'm hearing is "test it". If it works now, it might work in the future, or maybe it won't. Who knows? Given the dependency-hell that is node.js, there are very few interesting libraries that even work now.
Testing via Browserify is more work than just installing via npm and testing to see if it works. So I don't see the point of spending time on understanding Browserify.
For example, I wanted a library that supported SHA-256, but I can't use the node.js sha package because it has a dependency on graceful-fs. Why a hashing library has a dependency on a filesystem library is beyond me, but it is what it is.
Given all this it's a wonder why Mozilla even chose this crippled node.js method of development for their add-ons. I'm forced to use JS, but I can't rely on "native JS" libraries because we use a node.js syntax for requiring libraries. I also can't use node.js libraries because most of them don't work, and even for the ones that do work we can't guarantee that they'll work in the future.
Am I accurately describing the situation?