Learn More
Resend Email
13
10Dev
4y

Just another day fun as hell day with old JavaScript

rant

fml

vulnerabilities

*sigh*

node_modules

js
Favorite
Ranter
Comments
  • 3
    4y
    It literally tells you how to fix it.
  • 10
    4y
    @nitwhiz
  • 6
    4y
    To be fair, you could write javascript with no npm modules, so it's not really javascript's fault
  • 8
    4y
    @nibor That's like saying you can walk, so why complain about a broken car
  • 1
    4y
    @10dev it's often like someone not going to the shop at the end of their road because their car has a broken unnecessary gadget, when they could walk there in 5 minutes
  • 0
    4y
    @10Dev lol how do you even achieve this?
    Did you explicitly use the least popular packages?
  • 1
    4y
    @nibor Except it's not a 5 minute walk, though. It's usually a 10 mile run and a swim across the amazon river.

    No, it's not Javascript's fault but I doubt you'd also have enough time to rewrite all 92 plugins.

    Which is why I abhor working with JS.
  • 2
    4y
    Looks like a typical old JS project with too many dependencies that is being spun up again after 2 years of being dormant. This doesn't happen on a day to day basis in an ongoing project.

    Its good there is a tool that lets you know about it, but stop with the dependency hell already.
  • 1
    4y
    @theuser @nitwhiz yeah, this is js that I'm bringing back from the dead. Normally it isn't this bad
  • 0
    4y
    @10Dev Not really sure what you should do, I highly doubt you have the time to sort it out. Sounds like weeks upon weeks of updating and testing.
  • 0
    4y
    @theuser yeah I'm probably just gonna start again. This isn't worth updating almost 100 packages
  • 1
    4y
    JavaScript is literally the only language that tells you your vulnerabilities when you install a new module.

    As much as I know, other programming languages OBVIOUSLY have vulnerabilities too, but nobody tells you
  • 2
    4y
    JS devs be like:
    - pulling in 10 GB of trash from all over the internet
    - waking up to dependency hell
    - blaming JS
  • 2
    4y
    @Fast-Nop heeyyy after spending 60 hours slapping my dick around webpack 5, I got it down to 4 megs!! gzipped and minified
  • 1
    4y
    How much of that gazillion packages are you actually using?
  • 3
    4y
    exactly, those are only the errors? how many packages do you actually need??
  • 0
    3y
    @nibor this is the way.
  • 0
    3y
    npm audit fix --force
    npm t #does any test fails? If not then keep going
    npx npm-check -y #or -u if you want to be selective
    npm t

    And you should be good to go. Of course, if it's really outdated and reliant on deprecated packages, then it would be risky, but that's good enough to fix most of the dependencies without manually upgrading them.
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment