Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
nibor48134yTo be fair, you could write javascript with no npm modules, so it's not really javascript's fault
-
nibor48134y@10dev it's often like someone not going to the shop at the end of their road because their car has a broken unnecessary gadget, when they could walk there in 5 minutes
-
@10Dev lol how do you even achieve this?
Did you explicitly use the least popular packages? -
Angry15654y@nibor Except it's not a 5 minute walk, though. It's usually a 10 mile run and a swim across the amazon river.
No, it's not Javascript's fault but I doubt you'd also have enough time to rewrite all 92 plugins.
Which is why I abhor working with JS. -
theuser47814yLooks like a typical old JS project with too many dependencies that is being spun up again after 2 years of being dormant. This doesn't happen on a day to day basis in an ongoing project.
Its good there is a tool that lets you know about it, but stop with the dependency hell already. -
10Dev28534y
-
theuser47814y@10Dev Not really sure what you should do, I highly doubt you have the time to sort it out. Sounds like weeks upon weeks of updating and testing.
-
10Dev28534y@theuser yeah I'm probably just gonna start again. This isn't worth updating almost 100 packages
-
crisz81914yJavaScript is literally the only language that tells you your vulnerabilities when you install a new module.
As much as I know, other programming languages OBVIOUSLY have vulnerabilities too, but nobody tells you -
JS devs be like:
- pulling in 10 GB of trash from all over the internet
- waking up to dependency hell
- blaming JS -
theuser47814y@Fast-Nop heeyyy after spending 60 hours slapping my dick around webpack 5, I got it down to 4 megs!! gzipped and minified
-
npm audit fix --force
npm t #does any test fails? If not then keep going
npx npm-check -y #or -u if you want to be selective
npm t
And you should be good to go. Of course, if it's really outdated and reliant on deprecated packages, then it would be risky, but that's good enough to fix most of the dependencies without manually upgrading them.
Related Rants
-
cdrice105"You gave us bad code! We ran it and now production is DOWN! Join this bridgeline now and help us fix this!" ...
-
tahnik63So I need to create a nice new web app. Let's look at some cool JS frameworks that I can work with. *5 mins l...
-
MoboTheHobo36My Friend: Dude our Linux Server is not working anymore! Me: What? What did you do? My friend: Nothing I swe...
Just another day fun as hell day with old JavaScript
rant
fml
vulnerabilities
*sigh*
node_modules
js