The only two people arguing against the change were both authors/contributors of is-number lol
Is it because they included a crypto miner in the package?
I’ve literally told my coworkers “I’m not saying we should never use dependencies. But every time you add a dependency, you should hate yourself a little bit more. Some self flagellation can’t hurt either.”
So, every time I use a library to recognize patterns on a picture, to interact with Kafka, do some SSL, or do database mapping, I should hate myself, noted
We did Elastic API integration in Java by creating and maintaining huge half-codegenerated transformer from code to Elasticsearch’s JSONs, it was a pain and it was source of more than one error
Dependences should be reviewed and audited to make sure they do what you need and they are worth using. Just making everything in-house gets you nowhere most of the time
You code in Java, of course you should self flagellate on a daily basis just for that. The entire ecosystem is completely fucked.
Nobody is arguing that you should never depend on anything and create everything yourself, but adding a dependency for literally a one liner function is awful. Like one of the Go proverbs goes, a little copying is better than a little dependency.
i think programmers need a self inflicted rule of it being less than 500 lines of code means you need to write it instead of using a pre written package/library.
On the other hand, we could make the packages like is-number the worst possible way of checking if something is a number, which would be really fucking funny…
Another day of being extremely thankful I decided not to learn JavaScript
I mean, the people relying on such packages didn’t learn it either.
Look at what you’re missing!
Edit: also,
is-odd
depends onis-number
These are both made by the same person from this PR (who also made both the package the PR is on, and the is-number package that is being removed as a dep)
Heaven forbid they make a package
is-even-or-odd
with both. Wait. Don’t give them ideas. They’ll just make it depend on both.
This can happen in any project that uses dependencies, javascript or not
Sure, but when was the last time you saw, say, a Python project using some third-party library instead of simply calling isnumeric() from the standard library?
There’s a reason for these jokes always being about Javascript.
Python has other stupid problems related to pip. As much as stupid micro-dependencies suck in Javascript, they’re not the shitshow managing dependencies in Python is. It’s an inefficiency that never actually caused me noticeable issues in my former webdev life.
And let’s not talk about C++… People reinvent all sorts of wheels all the time because sharing anything is so annoying.
Seems to me the only reason for these kind of dependencies to exist in the first place is that people really, really, really, REALLY can’t code.
this is exactly the kind of thing the senior engineers above me at my last job would use… Their code made me cry
I really need a community here solely dedicated to GitHub drama. This is so much better than Twitter drama, more relatable.
Note that the PR was later merged by a member who got fed up with his colleagues.
I’ve honestly never understood why someone at Google or Mozilla hasn’t decided to write a JavaScript Standard Library.
I’m not opposed to NPM, because dumb shit like this happens everywhere. If such a package is used millions of times a day, perhaps it would make sense to standardise it and have it as part of the fucking browser or node runtime…
That’s basically how Javascript gets extended. I put off learning jQuery for so long that all the features I’d want are now standard.
Vanilla JS is pretty good on the client side, but leaves a lot to be desired on the server side in Node.js, even if you include the standard Node.js modules.
For example, there’s no built-in way to connect to a database of any sort, nor is there a way to easily create a basic HTTP REST API - the built in HTTP module is just raw HTTP, with no URL routing, no way to automatically JSON encode responses, no standardized error handling, no middleware layer, etc.
This means that practically every Node.js app imports third-party modules, and they vary wildly in quality. Some are fantastic, some are okay, and some are absolutely horrible yet somehow get millions of downloads per week.
There’s a js runtime called bun that is 90-something% feature equivalent to node and also has built in alternatives to many packages like express and bcrypt. I haven’t used it myself so I can’t speak to its quality but it’s always nice to see a little competition
So is Deno! You can easily import
npm:
andnode:
packages and run typescript without transpiling. With Bun and Deno there’s no reason to use Node tbh.For starting new projects i absolut agree. At work we have a legacy react app that just will not run on bun and for deno we would probably have to rewrite some stuff.
I wish they would replace JavaScript with something that was made for what it’s used for. JavaScript should have died years ago.
Sometimes it’s hard to detach It, specially dealing with web dev.
The browser expects JS, since JS was made for the browser, so you make a front in JS. But now you need a back, and hey, you already have all models and repos in JS, might as well make the back with JS.
It’s a vicious cycle. Honestly, JS is fine for either if you are component enough (ie. not using stuff like “is-number”), don’t get the hate on It.
No, JS is for scripts, it should have never been a whole framework for a frontend. But we can’t get away from it now, because it’s the only thing we have for browsers.