Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Modern web development is fucked. Just absolutely, totally screwed up.
I want to create a simple to do list web app. Look for a tutorial: "OK guys, this is really easy, it just takes five minutes."
First step, install these:
- Git
- NPM
- NodeJS
- Express
- MongoDB
- Docker
- React
Second step, npm install about one million modules. Don't question what they do or why they're there.
Before you know it, six hours have passed and you've got a code base of 3GB and you haven't even _started_ on your app.
FUCK that shit! I can create this web app with Internet Explorer and Notepad.49 -
I believe by the time Elon Musk sets up a colony on Mars, npm will be done installing those fucking dependencies.10
-
Company: "We'd like to use SQL Server Enterprise" MS: "That'll be a quarter million dollars + $20K/month" Company: "Ok!" ... Company: "We'd like to use Babel" Babel: "Ok! npm i babel --save" Company: "Cool" Babel: "Would you like to help contribute financially?" Company: "lol no"3
-
I just hate npm dependencies.
If you want to write a small website with npm dependencies (some frontend deps like Bootstrap and some development deps like gulp or babel) you will have more npm dependencies in your project than own code. It is ridiculous, how some lazy developers just add dependencies to their projects, without evaluating their dependencies. The source code of one of my projects is around 4MB (without any dependencies). If you then run yarn as required, it grows to around 80MB (where 73MB are node_modules).
This is just terrible.
I rant about this, as I made the mistake to upload my node_modules directories when restoring a backup of my server. Worst idea one could ever have.
9 -
So pm2 (a node process manager package on npm) just caused thousands of CI builds to fail because of an "optionalDependency" on a package called gkt which is requested as a tarball from a server that was returning 503. That package consists of one file which contains this
16 -
Just released my JS devRant API wrapper. It has support for posting, viewing, voting and much more. If you are interested here is the NPM package:
https://npmjs.com/package/...
9 -
Me annoying our dev:
Me: “Is your npm watch running?”
Him: “Yes!”
Me: “You better go catch it then... 🤣”
Him: “....”
I think we gatta let him go :(5 -
Have you always been missing ads in CLI applications? Have you been wondering how to bring such modern browsing experience to CLI? NPM has solved this problem, it has CLI ads now!
https://github.com/standard/...
However, the are already people who spoil this great new experience with CLI ad blockers:
https://github.com/kethinov/...26 -
Laziest thing!!!??? You better ask me when I was not lazy. Framework here framework there, library here library there.
npm install 29282818 packages
Bye -
I just saw
`git add . --all&&git commit -m update&&git push`
as a npm script hook m) I don't even care, just surprised it wasn't named yolo.2 -
$ npm audit
> found 19 vulnerabilities (10 low, 5 moderate, 3 high, 1 critical)
$ npm audit fix
> fixed 0 of 19 vulnerabilities in 11987 scanned packages
> (use `npm audit fix --force` to install breaking changes; or do it by hand)
$ npm audit fix --force
> npm WARN using --force I sure hope you know what you are doing.
Me too, buddy. Me too.1 -
Grunt, gulp, bower, webpack, rollup, yarn, npm, requirejs, commonjs, browserify, brunch, rollup, parcel, fusebox, babel,
wrappers for bundlers, frameworks on frameworks, then for css, theres scss, sass, less, stylus, compass, and for templates, handlebars, mustache, nunjucks, underscore, ejs, pug, jade, and about five billion other word-salad tools, all with their own CLIs, each in some way building on npm, but with their own non-congruent little syntax, like no one realized they were reinventing the same problems introduced by domain specific languages, most happy to announce "configuration takes a little time, but it's worth it!"
No, it's not. Just stop people. Just stop. You're not doing anyone any favors by creating another lib, all you're doing is tooting your own horn and self promoting. Use what exists and stop creating more shit for new people to learn, to add to the giant clusterfuck that is the 2019 hotmess known as "web development."
You're not special. You're not important. You're lib or tool will be famous for 15 minutes and no one cares what you've made.
If you want to contribute to web development, do us all a favor and contribute to global sanity by kindly deleting your contribution and any plans to contribute new solutions to problems that have already been solved.18 -
Fuck npm and the whole npm community!
Seriously, what a piece of completely uncontrolled cat litter!
First experience was getting malware from an npm package which I ranted about a while ago. That it can even happen is beyond my imagination.
Second experience was today when our app broke because a fucker who wrote a library doesn't understand semantic versioning.
If you're gonna publish an npm library, please do the whole fucking world a favour and learn how to version your shit correctly, so my app doesn't break! If you do BREAKING CHANGES don't change the fucking last version number you filthy piece of garbage!
Phew, that felt good 😧3 -
Hey look, npm broke my project again. Surprise!
Code and dependencies on my local machine, all untouched for a couple of weeks, no longer works. I've no idea how it even managed that.
Oh, and `npm update` crashes.
eventually solved by upgrading npm and running `npm update --depth 500` because some arbitrary child dependencies changed without updating the parent packages, ofc. on my local machine. without me having run `npm update` for about a month.
because of course that makes sense.
Second time in two months, too.
isn't npm great?3 -
Really, I hate this composer / bower / npm shitholes!
Why the hell is my app 300MBs?!? Because that shitty pudding composer decided to download the ENTIRE git including README.md, examples, 5 hours of assembly-giraffe porn, my granny's pajamas and two wraps of kebabs!
How hard is it to define the folder that contains the REQUIRED library so that our project might stay at 5MBs instead of 300?18 -
Oh yes, I very much like you, Mr. 1337-DevPro-Ultra-Haxxor. Thank you for using a boilerplate from github, that is bloated like some random female pr0nstar after an orgy. Oh and it is also very funky of you, that the setup scripts and tasks only work on Apple OSX, because using a simple gulpfile with 3 npm dependencies and 5 lines of code would not be trendy enough.
Some JS "devs" should be punished by drowning in their own feces aka a mix of bower, yarn, npm, brew and the crusty stuff that is left behind after running it.3 -
Fuck, I just lost a node module name.
A few days ago I had an idea for a node module, checked npm to see if the name was taken and it was not. Today I was going to publish it and found out someone registered it 2 days ago.
Now I'll have to think of another name or publish it under my username...8 -
the evolution of a js dev:
solve a problem with somebody else’s code
solve a problem with your own code
solve a problem with npm install4 -
Why the hell would I apply for a job as a JS developer when you can't even write proper JS? You're advertising on fucking NPM!
17 -
-- So you like npm? Upgrade to version 5 to use its sweet features!
OK. Let's run `npm install npm@5`. Erm, my npm is now a broken mess, not finding `semver`.
-- Well, since you like npm you also will like yarn! It's just facebook's npm. So run `npm install yarn -g`
Yeah, but I wanted `npm@5` not `yarn`.
-- Then just run `yarn global add npm@5`. You then have npm@5.
(╯°□°)╯︵ ┻━┻
And yes, that works.5 -
I was so proud of my recent tiny little node script that I published it on npm.
I really just kinda wanted to learn how npm worked. I don't expect anyone to find any use from this.
I wrote the README in a sarcastic tone if anyone is interested in reading that
https://npmjs.com/package/...
4 -
Damn... some dude has his full SSH credentials to his webserver in his published NPM package...
I have to tell him 😅15 -
I'm starting to hate js. Every library needs atleast 1000 other libs. I just blew the node_modules folder to 100mb with just one npm require17
-
Modern tragedy in four lines:
- I just bought a new 1TB SSD
- Look at all this free space
- Let's do npm install
- Oh no6 -
This counts as a rant. I'm annoyed with myself.
I shouldn't be allowed access to npm. I just published the shittest package ever just to make a joke.
In case you want to laugh at my shit joke:
https://github.com/bashleigh/...22 -
Rule 34.
"If it exists, there is porn of it. No exceptions." Rule 34 (novel), by Charles Stross
Same thing applies to npm modules.17 -
"In fact, 97% of the code in a modern web application comes from npm. An individual developer is responsible only for the final 3% that makes their application unique and useful."
😄 3%? haha
npm report 2018
https://blog.npmjs.org/post/...14 -
$ npm install ...
$ added 10 packages from 7 contributors and audited 21813 packages.
I realized that after some point you don't even think about your project dependencies growing. Because even adding 10 packages, it looks like it doesn't even changes the total number of packages. 21813, 21920, 21980... Does it even matter? Fuck.7 -
Him: "I don't need source control, it's just another program that does unknown things on my source files. What if one day it stops working?? How do I get my files??"
Me: "you could say the same thing on 90% of the tools you use every day... Like when you restore npm packages by GUI"
him: "what are those? I don't use them"
Also him: "command line is vintage"2 -
I know last year suddenly lots of animated login popped out.
NPM actually uses one... and it doesn’t look that good
14 -
`npx create-react-app blah`
`cdls blah && npm audit`
63 vulnerabilities.
good fucking job.
To be fair, they're all minor, but they're all *exactly* the same, caused by the same freaking package. Update your dependencies already!
------
`npm i --save formik && npm audit`
68 vulnerabilities, three of them critical.
ugh.6 -
> Be chad lodash dev
> new security vulnerability discovered in April
> low
> virgin devs ask to fix https://github.com/lodash/lodash/...
> giving no shit, because lodash stronk https://github.com/lodash/lodash/...
> fast forward now
> NPM lists lodash as vulnerability, because no fix
> 1000s of downstream projects affected
> https://github.com/lodash/lodash/...
> surprised pikachu face10 -
const nsfw = require('nsfw');
//Now that's a sexy name for an npm package
https://www.npmjs.com/package/nsfw1 -
unpopular opinion: javascript has broken standards, and nobody corrects it. people use these frameworks and shit with 600 dependencies, then can't figure out how to update their application when things go out of date. now people are expecting you to use NPM to make a - - > static <- - website9
-
Hit over 300 downloads on NPM! Not much, but it feels good and makes working on open source projects all the more worth it.
2 -
This is the face of NPM right now.
So, Devon Govett (Parcel creator, hella lot of GitHub stars) offered to kind of standardize package.json, but faced nothing but angry NPM-CLI creator telling him that he’s a “rando from internet” and “why the fuck are you even speccing something, and why would anyone care”. No real professionally ethical discussion, no invitation to discuss things together with team, no even polite “no”.
Definitely the friendliest behavior possible, well done!
https://mobile.twitter.com/maybekat...
7 -
Note to self:
Don’t use npm, use yarn!
Don’t use npm, use yarn!
Don’t use npm, use yarn!
Don’t use what??👂
Npm! Use yarn!
Well done!! Now repeat this 5 times a day.24 -
seeing these things make me very uncomfortable, I feel like reaching into the software and wiping it off, makes me wonder how much of a mess this npm ecosystem is going to become, I really dont know much of how these things work. I figured the issue could probably be the same across languages, libraries sitting atop libraries until the whole thing becomes unmanageable. I'll stop rambling now
that's the installation of expo-cli
8 -
How I wasted my Sunday:
A programmer I know claimed that his Nodejs app was lightweight since it only relied on 2 dependencies (express and mongodb)
So I wrote a script to recursively transverse the npm dependency tree and count the number of dependencies there actually is
Installing those 2 packages alone means your app depends on 73 pieces of software in total
In conclusion, nothing written in Node is ever lightweight
Oh yeah, it was also Easter I guess8 -
Gonna make a pull request for Project!
"How to Project:
npm install
npm test
npm run start"
npm install: warning, warning, deprecation, warning
npm test: 30 tests, 15 failed
npm run start: error, C stack trace
Pull request status: on hold3 -
npm install wake_up
npm install do_laundry
npm install wash_dishes
npm install walk_dog
npm install water_plants1 -
sometimes I can't understand how I got my senior web engineer position at my age.
but then I look at my fellow senior cursing about some stuff that he doesn't understand and doesn't want to understand (today it's npm) and then I feel ok again :D1 -
I like npm errors.
So i installed nodejs on termux on my android smartphone to watch npm fail, even when I take a walk.
Great times!
5 -
Gotta love npm open source packages
A developer appears to have purposefully corrupted a pair of open-source libraries on GitHub and software registry npm — “faker.js” and “colors.js”
https://snyk.io/blog/...
https://theverge.com/platform/amp/...
https://github.com/Marak/colors.js/...16 -
"How much of a dev are you, if you use other peoples work and just glue it together?" I once asked a friend who really loves npm and everything.
I know about code reuse and maintainability and all that but geez we had a long discussion..😅5 -
“Overhearing powers of the Fullstack dev”
We have an internal control panel (BEEP) to manage our dev Tomcat instances. The other day, with one of my muggle friend, I was trying to restart an instance. There’s a checkbox to clean the host tmp files and directories, ingeniously named as - Purge cache.
Innocent Me (to my muggle friend): bro would Purge cache delete the application log files?
__(Fullstack dev overhearing us)__
Muggle friend: Purge ca... (gets interrupted my the Fullstack dev)
Fullstack dev: so the thing is ... it’s like ... (gotta be consistent with the opening) what “npm purge” does is it deletes the files which are not being used.
Confused Muggle friend: bro it’s a BEEP option to clean the tmp dirs.
Fullstack dev: oh I thought you guys were talking about “npm purge”
Angry muggle friend: then WHY THE FUCK did you answer if you didn’t know [...] the fuck we were talking about.
Calm fullstack dev: FYI. Might help you someday.
Deeply-hurt Me: (what the fuck is “npm purge”). Hey man do you mean “npm prune”? Because they don’t have an npm purge. And what do you mean by “it deletes the files which are not being used”?
Confident Fullstack dev: NO
Me: (cries in npm)
More to come!3 -
Beware of NPM packages maintained by Brandon Nozaki Miller alias RIAEvangelist. He added IP-specific malware to node-ipc.
https://security.snyk.io/vuln/...
https://github.com/RIAEvangelist/...16 -
After two months of NPM hell I have made the decision to stop trying to catch up to this Javascript insanity.
The salary I would make if I understood this shit is not worth my sanity. Most people develop a career, but all I seem to develop is RSI and a seething hatred for humanity.1 -
npm: "npm does not support Node.js v10.24.0; You should probably upgrade to a newer version"
Also npm: "Supported releases are the latest release of 4, 6, 7, 8, 9"
Uh...good to know this piece of software is still a dump where rejected code goes to rot.2 -
NPM has this cool feature called "link" which allows you to easily link local npm packages as dependencies of other local packages for developement. It's so cool in fact that everything you run npm install it deletes all your links for fuck all reason1
-
Earlier this day, I was about to start a new project. So I copied my favourite gulpfile.js into that projects root and installed all dependencies with npm. After running Gulp for the first time it threw an error.
Silly me tried to fix stuff and got googling the error and trying random things... After a break of a few hours I just fucking rerun Gulp and read the fucking error completely. It stood there. The fucking solution just stood there, run "npm blah --force" to reconfigure package blah....
Of course it worked right away and I finally could start working. But this shit took way too long. Why I just can't read the fucking error message. Damn -
Had an interesting application for a web / fs position the other day. Some guy in his 40s sent a CV, along with a bunch of 5+ years old reference letters (recommending him for things like PHP 5.3 and ExtJs 4). A bit outdated but okay.
And then, he put in a list of NPM packages he used. Not just relevant frameworks like Angular & React, or tools like Webpack and Babel. No. A list. Of. NPM. Packages. There were things like UUID there, which is literary a single function!2 -
That time when one of the npm modules you use gets a patch that contains a breaking change. You fix your code. Then a week later the module patches again and revert the breaking change. :/
-
I like JavaScript as a language. But I hate absolutely everything around it. All of these tools just make things more difficult. Sometimes when I clone a project I want everything there. I don't want to then wait 30 minutes to download the latest version of every library used, with at least one of them always breaking something. I don't want to have to use npm or grunt or whatever. Just give me the damn thing I need not make me spend 30 minutes running round in circles! Never have these problems in any other language!
Come on WebAssembly!11 -
seconds into 2019
I see one incompetent fucker asking to eval in Node.js..
A FUCKING FETCH OF A NPM MODULES IN CDNJS
you know what's the reason?
node_modules
Fucking kill me unless you're some dumb bitch who uses npm modules like some braindead motherfucker who doesn't know what a number is, node_modules takes only an average of 3.6MB
Compared to RubyGems who takes 40+
Or Pip
Seriously stop this. I wanna hang myself because my 2019 put me in a shit mood1 -
I don't remember/saw if somebody posted it in this much detail, but here's how one developer essentially showed how broken npm once again is, by just removing all his published packages, basically breaking thousands of other packages that depended on it, very interesting read, especially to understand how npm can't be relied on.
https://theregister.co.uk/2016/03/...
http://blog.npmjs.org/post/...
https://medium.com/@mproberts/...
https://arstechnica.com/information...4 -
Today in some onboarding meeting i was laughing my ass off.
We were setting up the development machines that we got from the client to work on via citrix.
You guys probably know, that when you put your npm projects too nested into your filesystem, that packages randomly start not behaving because of too long file names or path names and stuff like that. That seems to be a problem with all OS (to be fair i havent actively looked for a solution, but it happened to me on Windis and Linux, so i'm just assuming here)
but even more so for some packages on Windis, when the project is not running on the same fucking drive letter than where your OS is running on. Like... wtf?
Had two UI5 projects pulled, both of them on D:. The first npm install went through flawlessly, the second one has a number of random errors, me and the other dev didn't know what they were. So what i suggested is to move this project onto C: and try it again. Turns out that was exactly it. Et voila, npm install ran through without any hiccups..6 -
So i just created my own npm package. And published 3-4 days ago.
And don't know how but there is already 60+ weekly downloads.
So thanks for them who support me😅6 -
Me: Writes down 'npm install '
Me: Copies the install command and pastes it
Me: Run 'npm install npm install package'
Every fucking time2 -
What seemed like a simple task of upgrading our angular project and adding universal to it, is slowly beginning to feel like an impossible mission.
Fuck you npm, fuck windows and fuck whoever thinks javascript/typescript can be used for every god damn thing.
I fucking give up -
Friend asked me how to start a node server. I gave her starter code and told her to do “npm init” then “npm install” ur modules. This is what she did
2 -
Every fucking time I install a new npm package
npm WARN deprecated core-js@2.5.7: core-js@<3.0 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm WARN deprecated fsevents@1.2.9: One of your dependencies needs to upgrade to fsevents v2: 1) Proper nodejs v10+ support 2) No more fetching binaries from AWS, smaller package size
npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/...
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated domelementtype@1.3.0: update to domelementtype@1.3.1
npm WARN deprecated circular-json@0.3.3: CircularJSON is in maintenance only, flatted is its successor.
npm WARN deprecated flatten@1.0.2: I wrote this module a very long time ago; you should use something else.21 -
Are you.. are you telling me .. that every time ..... every time ..... I've been running ..... npm i something .... it's been putting ^version into my ..... package.json file ?!?!?!?!!? SO THAT IN THE FUTURE WHEN I COME BACK TO THE PROJECT AND DO A FRESH NPM I .... THE VERSIONS WILL ALL UPDATE .... AND THAT'S WHY I'M ALWAYS DEALING WITH BUGS WHEN COMING BACK TO PROJECTS EVEN THOUGH IT WAS WORKING WHEN I LEFT IT A FEW MONTHS AGO.
FUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU21 -
How a node js developer's Terminal history look like --
npm install random_package
npm install shitty_package
npm install I_don't_know_what_it_does
npm install crap2 -
I just need to get this out.
NPM is not the worst dependency manager. It is way beyond any word in any language that can describe the most negative thing about it.
I developed nodejs projects. I like JS, it's a great language to work with. But not NODEJS, not NPM.
I can run my app in a F* browser but not once, not a single time that nodejs and npm can run at the first time. I spend way more time to build a working environment with nodejs and npm than to build my own app.
whoever developed these two pieces of crap had brains that filled with mud. And who gave them the courage to even put it out for people to use? JS is such a good language and they have ruined it.
There are so many dependency managers out there couldn't they just take a look at how human beings do things? I mean they have never seen APT or Composer or something else that actually work?
Or they just had so much ego that they had to let other people to feel how difficult their lives are.
I don't care about how you manage the dependency and I shouldn't. You people made these crap with one purpose that chould help others to develop easily but NOOOOOO, we have to spice it up, right? You just have to make it fat and greasy, right? You just have to make it doesn't work. I bet you people just redefined the F* CONSTANT of "How to Develope a System that Doesn't Work".
I don't know if NPM genius have ever did a information collection of their system. I bet most function that has been invoked is "throw error".
The funny thing is on NPM website, they provide Enterprise Solutions.... I would sue them for fraud.13 -
The moment I need internet to do things (npm with angular), but the company moved to a new building and internet is screwed. It'll still take a while to set up. So now I'm sitting here, ranting on devrant and doing nothing.
My exact face and thoughts right now:
1 -
just realised that "have you tried to `rm -rf node_modules/ && npm i` is the js adaptation of "have you tried turning it off and on again".1
-
I made a CLI tool i named it CRAO, its for creating react apps offline, cuz it wraps up all the necessary modules, and its fast.
Check on NPM Create-react-app-offline2 -
So I just published my first npm library
Anyway couldn't think of any other people that would know the feelings.
https://github.com/pichardoJ/...
I'd love to get your feedback4 -
security fiasco due to a malicious npm package:
Because of a bitcoin miner present in event-stream npm module (https://bleepingcomputer.com/news/...), my entire team and I had to scan all our nodejs apps, repos and the most excruciating one, all node_modules folders across all our dev machines and servers, to see if event-stream and flatmap-stream is present, then not just delete it but update a bu**load of upstream dependencies which internally used event-stream. All due to one malicious package which was hidden several layers beneath.
And, this happened almost 8 months after the aforesaid vulnerability was first found.10 -
I'm so fucking fed up with the npm ecosystem. Every single god damn time I've had to do anything it always takes DAYS to figure out how to get anything working and I always have to try multiple tools or libraries to final get it half way sorta.
I'm so fucking annoyed right now. They always turn out not that great, have lacking features or trivial oversights in functionality and ALWAYS have garbage documentation.
I just want to build a fucking npm library with TypeScript to be used with node. That's probably the NUMBER 1 use case so how fucking hard can that be?
So obviously I start out with tsc. That's quite simple, compiles all my stuff and shits out .js and .d.ts files. Okay so how do I use them via es6 import? I don't fucking know, because it doesn't work no matter what I do. The 'module' option in tsconfig is absolutely useless btw. It does *literally* fuck all. Nada. Absolutely nothing.
Okay I'm far from defeated, maybe I'll just have to bundle it. So I waste two days finding something that half works (I'm using fusebox right now) and at last I get a stupid es6 module as a single bundle... But what about type the declarations? They are nowhere to be seen and of course there's no option for that. Because Fusebox the pile of shit that's oh so well Typescript integrated apparently doesn't think TYPE DECLARATION FILES are needed. What the actual fuck.
And that's where I'm now. I need the fucking .d.ts files so I can use it as a module with import. Do I really need another fucking piece of shit tool that bundles these files? Honestly fuck all of this. "Oh the Javascript ecosystem is so great" YEAH fucking great, alright. Where 90% of the ESTABLISHED tools and libraries (we don't talk about the landfill of all the other shit) flat out don't do what you need. Again, how fucking hard can it be to make a npm lib with typescript? That should be NATIVELY SUPPORTED. If not by npm atleast by typescripts tsc.
FUCK NPM. FUCK JAVASCRIPT. AND FUCK THE WHOLE ECOSYSTEM4 -
So I actually prefer npm to most other package managers (with the exception of go's package handling).
Like you need to look no further than to pip's hell of package management, to start appreciating how clean npm is.
***Shots fired***6 -
Microsoft buys npm
Am I the only one seeing a tendency of a few big companies (Microsoft, Apple, Google, Yandex, Tencent and 10-15 more) slowly (or not so slowly) acquiring more and more small companies? I hope however that it stays as transparent to the end user; I also hope it even helps, because I hate getting used to a product/service and then the company dropping it because they have no resource and/or interest in supporting it (Google Inbox anyone?)
6 -
JavaScript libs have a massive problem with quality and especially with quality of documentation and error reporting
For the entire day I've been staring at this stupid error and can't figure it out. The documentation stating that the source function sets the source dir, but not actual saying what 'source dir' means or what paths are resolved against it is no help either
npm is actually really awesome but almost every library I've tried just fucking sucks
3 -
All this small node modules in the npm repository that is a fork of another with a name that sounds almost like the other. It's a jungle. Then things are abandoned or changing name. How much i like coding nodejs based projects I really feel bad of the total mess with that repo. Freedom and a lot of projects are good. But the mess is like the flat of a young student that hasn't been cleaned in a year.
-
Confession: I've been installing npm packages globally using sudo for years just because I'm too lazy to set it up properly.5
-
Updating angular and npm/node/whatever the fuck is the most difficult and convoluted thing ever
Web devs, you deserve better than this awful piece of shit cable mess of a fucking "framework" or whatever the fuck this retarded shit is meant to be2 -
Lol, people who use npm currently experience issues as npm install returns 418 I'm a teapot
Source: https://github.com/npm/npm/...1 -
Fixing the npm permissions..
This should be covered by a giant red light and skulls.
If you don't see the warning you broke sudo
1 -
I wonder if NPM prevents allowing a package to be it's own dependency. If not I have important trolling business to tend to.1
-
People wonder what would happen if internet went down while all it takes is npm repository and the dev world goes to shit xd
https://github.com/npm/cli/...2 -
When you install npm to install an older version of npm to install a yeoman and install a generator that generates a generator.2
-
While setting up a node app while sitting behind draconian proxies:
- first, set $http_proxy & $https_proxy
- set git proxy
- then, npm proxy, jspm proxy and bower proxy
- followed by strictSSL to false.....
After moving to home network/VPN, change all of these proxies again. It is a never ending vicious circle :(1 -
I learned today I can "npm install" directly from a GitHub repo. This allowed me to create a React component (viewer of gLTF files) for a 3D game and share it with my team. I know I could've published it to npm registry, but I didn't want that since it's a very specific component for our project, and private npm packages are very pricy.
Hope this random !rant will be useful for someone wanting something similar. -
Setting up npm private registry and mirror is like setting up machine for handling ddos attack.
Last time I was tuning linux kernel tcp ip stack by adjusting default variable values was ages ago but if you see 100 open sockets in a matter of second after you try to install single frontend dependency you start questioning your life. -
npm is the WORST MISTAKE THAT HAS EVER HAPPEND TO SOFTWARE ENGINEERING. I HATE IT AND I REGRET EVER READING ITS DOCUMENTATION, SO MUCH WAISTE OF TIME ON ABSOLUTE JUNK8
-
!rant
Since I only have internet access via mobile phone on the way, the bandwidth varies from place to place.
Only one suggestion for all those who use NPM and do not have the space to clone the entire repository (almost 2 TB) or have a slow internet connection.
Modserv (https://github.com/wmhilton/modserv). Works flawlessly and saves a huge amount of data volume.
I've been using it for almost six months without a single problem. -
Finally found a free noun on npm... I realized though, I have no idea how to promote a package I've built anymore. The internet is too noisey... Hmmm, how do you successfully get the word out these days?3
-
It looks like packages on npm have "disappeared".
https://github.com/npm/registry/...
Gotta love javascript.2 -
Finally made my node production server stable enough that I could focus on writing tests*. I start by setting up docker, mocking cognito, preparing the database and everything. Reading up on Node test suites and following a short tut to set up my first unit test. Didn't go smoothly, but it's local and there are no deadlines so who cares. 4 days later, first assert.equal(1+1, 2) passes and I'm happy.
I start writing all sorts of tests, installing everything required into "devDependancies," and getting the joy of having some tests pass on first try with all asserts set up, feels good!
I decide to make a small update to production, so I add a test, run and see it fail, implement the feature, re-run and, it passes!
I push the feature to develop, test it, and it works as intended. Merge that to master and subsequently to one of my ec2 production servers**, and lo and behold, production server is on a bootloop claiming it "Cannot find module `graphql`". But how? I didn't change any production dependencies, and my package lock json is committed so wth?
I google the issue, but can't find anything relevant. The only thing that I could guess was that some dependencies (including graphql) were referenced*** in both, prod and dev, and were omitted when installed on a prod NODE_ENV, but googling that specific issue yielded no results, and I would have thought npm would be clever enough to see that and would always install those dependencies (spoiler: it didn't for me).
With reduced production capacity (having one server down) I decided to npm uninstall all dev dependencies anyway and see what happens. Aaaaand it works.....
So now I have a working production server, but broken local tests, and I'm not sure why npm is behaving like this...
* Yes I see the irony.
** No staging because $$$, also this is a personal project.
*** I am not directly referencing the same thing twice, it's probably a subdependency somewhere.2 -
That's why we love NPM:
>npm install
*installing packages*
npm warn ........................
npm warn deprecated .....................
npm warn .......................
********** A million times more ***********
Oh it works! eh, just ignore every warning :)4 -
NPM and the whole dependency tree for JS packages should burn in the pits of hell.
Let's pretend that uninstalling a single (albeit larger) module didn't take 8 minutes and that it didn't spit out 20 warnings from a total of 277 (HOLY FUCK) related packages.
How can you guys (JS-only devs) handle this ?!15 -
> npm start
* proceeds to leave the workstation for coffee / tea / slack off
* comes back 15' later
* leaves again
Thanks, Brian.5 -
Dijkstra 1988: "Unfathomed misunderstanding is further revealed by the term 'software maintenance', as a result of which many people continue to believe that programs —and even programming languages themselves— are subject to wear and tear. Your car needs maintenance too, doesn't it?"
npm 2018: "Naaaah!" -
It takes courage to use npm as a product. The inability of its leader, Isaac Schlueter, to communicate the reasoning behind decisions pose a risk as a choice for long term toolchain.
My company will move to yarn for now and jump ship to Deno as soon as it reaches all of my check marks.5 -
It's almost 4 am
I want to continue developing my vuejs stuff
The files are in a folder on my desktop
I open the Terminal to navigate there
I type 'npm desktop'
Suddenly the whole terminal is filled with an error message
I suddenly realize why
Story of my life -
* package-lock.json * merge conflict
ME: fuck fuck fuck, C-s I-Search: HEAD
ME: this shit is much i can't handle it, fuck
ME: rm package-lock.json ; npm install1 -
I just woke up and on my computer screen there’s big announcement.
Github launching code package registry beta program.
Available repositories: npm, gem, mvn, docker, nuget.1 -
How often does this happen to you?
Hmm I need to install the nodemon package, ok so I enter:
npm install -g nodemon
Result:
npm WARN
npm WARN
npm ERR
npm ERR
npm ERR....
I then wonder why would it not work??? Then after looking at the errors I realise ohh:
sudo npm install -g nodemon
This literally happens to me almost every single time I install a package.8 -
npm audit has gone wild since GitHub (aka Microsoft) acquisition, they surely found a way to influence the community.
Now, guys, embrace the creeping evil until deno is really out.5 -
What do you do when you are hungry/peckish and it's late?
It's 🌃 time and I don't have anything to eat (except maybe some stupid cookies)
I wish I could do
'npm i snacks'
or
'sudo apt-get snacks'
And I would receive snacks from my computer or something..
npm might also give some extra snacks plus ingredients as dependencies 😅
Maybe I can make coffee..☕?2 -
-> Want to install npm
-> Brew install npm failed
-> Think that yarn is an alternative
-> Want to install yarn
-> "npm install yarn"
Reject Front-End, Return Back-End.9 -
Python, fuuuuck youuuu and your stupid packaging system, and python devs who are bashing on js you douchebags ever tried NPM !!26
-
npm fund, shamelessly plugging one single person's funding ad into the whole fucking community platform.
No, thanks. -
"npm i {name} - - save-dev"
-ERROR: "{name} needs {dependency} v5.0.1"
"Oh, okay, I install that one then, no problem"
"npm i {dependency@5.0.1} - - save-dev"
-ERROR: "{dependency@5.0.1} needs {dependency} v3.1.1}
"Oh, okay, makes sens I guess, I'll" install that one to then."
"npm i {dependency@3.1.1} - -save-dev"
ERROR:"Nah"
"Son of a.."8 -
This nice little webpage shows the different dependencies of a npm package as a graph.
Gatsby seems like an implementation due for disaster.
https://npm.anvaka.com//...7 -
use apt-get to install node and npm, use npm to install bower, use bower to install angular... Packageception.1
-
Trying to update yarn from choco.
It didn't detect npm-lts
Got BS by install npm 9.8.0
Nothing is working right now 🤦♂️
I wanna go to gym. But it's 1clock past midnight right now.
God damn it1 -
If only NPM' security team (so pretty much NSP's) would inform the package owners as soon as they discover vulnerabilities and give them the standard 30-90 days to fix them and release a new version before going public, instead of straight out publishing the security audits which generates noise on the terminal (obviously when using npm) and on Github
-
Taking into account the way npm manages dependencies, how many modules do you think I had to include to download the whole npm?
-
Please share your thoughts on Dependabot security alerts on Github, more specifically for NPM packages in package-lock.json.
In 99% of cases I've found them useless as:
- package-lock.json is in the repo, but not in the NPM package (=no value to users)
- most of the updates relate to devDependencies (=no value to users)
- it clutters the git history (and changelog if it is auto-generated) with a batch of patch updates (updated depx to .1, .2, .3) while the only important thing in the next release notes is the delta (updated depx from .1 to .3) (=no value to users)10 -
The moment everything works fine and you just type `npm update` out of boredom and suddenly everything breaks and you spend the rest of the day fixing it...1
-
Microsoft buys JavaScript developer platform npm; plans to integrate it with GitHub.
https://zdnet.com/article/...
Now it's npm. MS is taking on the open source world slowly. What if later they change their motto of "Microsoft loves open source".5 -
I've just published my first npm module/package .For so long, I was feeling bad that I've never shared any code via npm before. So, today I thought of sharing any old code that myabe some people would find useful . I did (also had to add some lines and remove alot of lines to keep it clean and simple) and for my surprise, in few hours it got 45 downloads! although it's angular (1 not 2)
3 -
Monday morning
Get to work
Open email
Ci went crazy
Slack is on fire
Some npm modules deprecated approach
Rewrite docker files
Some other npm modules disappeared.
I hate you web technologies, I hate you developers who make releases Friday night.
I hate everything.
Ffs on the weekend just build Ikea fornitures instead of fiddling with my stack!
Sigh.2 -
Have you ever tried using sqlite3 from npm inside a docker container?
Yeah, it doesn't build on Alpine, despite being among the most popular Linux distros thanks to Docker.1 -
Does anyone work on a bunch of local NPM modules wanna describe their workflow for local dev vs deploy?
I’ve got mine but it feels a little trashy. It’s basically one npm script to link all the local modules for dev and another which will npm install them in prod - is there a better way without adding more build tools?1 -
- Need a module to work with PDFs
- npm install
- But wait, that requires some dependencies
- And those dependencies require more dependencies
- Python not found
- Issues with env variables and wsl
*Bajillion hours later*
- poppler-qt5 not found
What the hecc is a poppler and why do I need it?
:/11 -
You know it will be a fucking glorious day when you open up that legacy project from 3 years ago.
Calling those NPM package dependencies "outdated" is an understatement...
3 years equals to roughly 1 million new JS hipster frameworks.1 -
What the actual fuck, I installed lodash using "npm install --save lodash" and npm just decided to delete webpack and fuck up the webpack.dev.config.js and actually my whole project... I want to cry
Why the fuck is this fucking thing called npm falling apart at every opportunity it gets 😠1 -
npm you dank pile of shit!
After updating npm I get "Maximum call stack size exceeded" when I use npm install --no-bin-links as usual.
After searching a solution for this shit it seams like the npm devs fucked around with the --no-bin-links option, since this nasty error message vanishes if one downgrade npm.
These goddamn assholes.
Keep your filthy fingers off this option, since it is essentially for windows devs!11 -
I just found another "npm install" meme in my Twitter feed. They don't seem to get old, ever.
And then I remember that Unity Package Manager is npm under the hood. I hope this is not the future of Unity packages.
https://twitter.com/ChrisArter/...1 -
$ git clone some/shit.git dir
$ cd dir
$ npm install
[literally ages later]
$ du -sh node_modules
441M node_modules
fucking what???!2 -
We have huuuge fuckups today with our Frontend regarding deprecated npm modules.
All of my Frontend colleagues are whining because the Jenkins build is failing.
I looked into it, there were missing dependencys that could not be found anymore.
Frontendcolleagues don’t want to do anything because it’s a „Devop problem“.
Fuck my fucking life. -
Just published my first npm package. A Mongoose-like interface for Firebase.
https://npmjs.com/package/firearch/ -
I just had to update a package on Pypi after a number of years. It's kind of a PITA.
And then I realized, it's still better than npm. Wild. -
I hate when programmers never want to go out their comfort zone. They should be relegated into a hell spinned inside a Virtualbox instance.
I have this *** angular setup. We want to try to keep the dev environment congruent between all the colleagues.
The decent programmer would use a node version manager, or try to keep up with everything. LOLNOPE THEY FUCKIN' SPUN A FRIGGIN' VAGRANT VIRTUAL MACHINE RUNNED WITH ADMIN PERMISSIONS which is slowing everyone down. A single "npm i" now requires half an hour.
I tried to use YARN that is faster and makes a mergeable lock, NOPE WE SHOULD KEEP USING THAT STUPID NPM INSTALL that is slow AF and sometimes messes up the versions.
I tried to make 'em use the peerDependencies correctly but LOLNOPE WE SHOULD RELY ONTO THE AUTOMATIC PEERDEP RESOLVER INSIDE NPM7, SO YOU DON'T KNOW IF YOUR VERY SAME LIBRARY IS INCLUDED OR NOT.
Thank god i'm changing job. -
Sigh :/ The npm default to print its own logging messages is so annoying I now do this:
alias npm='npm -s'
npm run my-script // only the output of my script
\npm run my-script // be annoyed by npm log messages1 -
I waiting for the day when I have a problem and there is no npm package that solve it already.
NoSleepjs....5 -
One of the devs stayed an entire week trying to do ‘npm install’ on one of the projects. Took a look xcode is not installed
-
Finally published a demo packaged on npm to learn how it works.
Like it - "Npm loves you" 😜
I'll publish my own package in 2-3 days.
Tip : it seems you can't delete a npm package, you can only unpublish it. -
npm XXXXXX -f
seems to be the only way to make it work... sadly :( Even though I have no idea what I am doing.4 -
Finally I understand the frustrations that is packages and dependencies in npm...
I have never really used node.js, only on windows to help develop a chrome plugin, but trying to do the same thing on Linux, omfg, how is it this bad?
On Windows I just ran the alias "npm start" and is figured out that it needed to install a bunch of stuff, did it and continued compiling.
On Linux I just got one missing dependencie after another... How is it that different?9 -
I have these gulp tasks to preprocess my css and html. months ago it was all polished and working great.
I run the commands today, npm complains about deprecated something and doesn't let me run... I do updates, I try to run again: "Right now osX is not supported".
I literally did not change anything all these months.
Fuck you npm.3 -
Do anyone of you use a npm registry server like verdaccio for caching of packages from npmjs.org?
Today I tried verdaccio within a local docker container.
I successfully connected via npm --registry <registry-url> install
There where no errors, but verdaccio kept delivering packages with 200.
Shouldn't it be 304 since the packages already exist in the storage folder of verdacio?
14 -
For some reason installing python 3.6 broke my NPM commands so i couldnt install any modules globally. The only solution I thought of was reinstalling windows, so the full day of work has been reinstalling everything
Fun times4 -
Node.JS 🟤 Node.JS 🟤 Node.JS
C:\Dev>npm install -g lerna@4
⚠️npm WARN engine lerna@4.0.0: wanted: {"node":">= 10.18.0"} (current: {"node":"0.11.16","npm":"2.3.0"})7 -
Me at 3 front-end tech screenings of candidates with +3y of exp last year: "can you name a few npm commands you have used?"
Candidate:
- "Ehh.. npm start?" (npm start is a shortcut to a user-defined run-script)
- "npm version, it publishes the package" (wrong)
- "not going to pretend I know and sound stupid"
Mind you these candidates were not necessarily bad, but come on? You never used npm info, outdated, audit, install, remove, update, why, link, init?10 -
My first writeup on medium.
hope it helps you to build npm ready angular library components
“How to built npm ready component library with Angular” https://medium.com/@mohanramphp/...
Please give claps for visibility1 -
$ sudo pacman -S npm
$ npm install -g @angular/cli
$ ng new crap
$ du -h crap
366M crap/
me like: "WHAT THE ACTUAL FUCK!!!1"
$ rm -rf crap
$ npm uninstall -g @angular/cli
$ sudo pacman -Rs npm1 -
WTF
npm ERR! publish Failed PUT 403
npm ERR! code E403
npm ERR! You cannot publish over the previously published versions: 1.1.69. : weschemajs
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/lopu/.npm/_logs/2018-09-29T11_20_28_594Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! wepublish@0.0.211 run: `./src/index.sh`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the wepublish@0.0.211 run script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/lopu/.npm/_logs/2018-09-29T11_20_28_638Z-debug.log
lopu@lopu-pro:~/Dropbox/git/weyoume/wepublish/dev-wepublish$ npm view weschemajs version
1.1.63
lopu@lopu-pro:~/Dropbox/git/weyoume/wepublish/dev-wepublish$ npm view weschemajs version
1.1.636 -
!Deno
Being now able to write import 'npm:<name>' and it just working is quite hilarious, not having to use nodejs but still using the projects built on it .. wwwwww25 -
After dealing with npm libs access permissions for an hour, glorious chmod -R 777 came to the rescue.3
-
About to write (and publish) my first npm package with TypeScript. It's basically just for json stream writing because the existing packages suck and/or don't do what I need
Guess my actual project I need this for will have to take a bit longer now -
So today I learned how tree shaking works and I was just about to publish patches to my NPM modules when the registry gave up.10
-
Has anyone else noticed that Inc.com article titles are extremely clickbaity? Seriously though!
Given that, I've built Wormbait for node, it "learns" from 1040 Inc.com titles and predicts if a title is clickbait or not. `npm install -g wormbait` and launch with 'wormbait "is this clickbait"'1 -
Maintained some old Dockerfile. Confused how `npm install` could possibly work as the working dir of that command was a *subfolder* with *no* `package.json`. Yet it verifyably installed into the correct package on build to the parent folder with the `package.json`. I assumed a grunt or npm script taking care of it, yet found nothing. Digging deeper, I realized: [this is by design](https://github.com/npm/npm/...).
-
Can you imagine npm would manage autonomous robots?
and also some horrible mistake would need fix, otherwise somebody would be harmed.
for that you push the update, you did npm outdated 3 days ago, everything looked fine.
Npm outdated today would want you to update by 10 versions. I don't know if I'm alone, but seems weird to me that 10 versions jump has happened ... :D we know npm..
and even weirder is the output of npm outdated compared to what package.json diff: express-status-monitor current version1.1.0 latest 1.1.2
-
How should I name NPM package which works as console log for errors, but throws user to stack overflow page with error massage included in the link?
Found a meme here at DevRant in which this idea was presented, haha.13 -
The amount of time I spend fixing npm dependency issues is really tilting... How does the JS community consider this solving a problem! This reminds me of Java's package issues if anything...1
-
Last week, I start creating a small npm package
And I literally don't know how to create it.
Please check it for the issues and let me know
https://npmjs.com/package/...4 -
There are definitely too many Javascript libraries, if only because every name that I want on npm is already taken 😔4
-
Guys, please be mindful of your dependencies. I just ran "npm install" and whole hell broke loose.
Imagine having to install 3.6GB of VS2017 C++ junk, just to make the damn node-sass compile.
Obviously the module needs to build on my machine, but one would expect that a nodejs module would not depend on msbuild. Funny how nature does that... -
Ugh! I'm trying to build a gulp-based workflow for WordPress theme development and it just isn't working (or flowing).
I'm debating whether to clear my gulpfile.js altogether and start again or attempt to build an npm-based workflow along these lines: https://keithcirkel.co.uk/how-to-us...2 -
just happened and I swear, NPM is really affecting my brain in a bad way. i was going to install nginx in my ubuntu server. just like any other apt install with slow internet, i went afk to make a coffee, come back realizing something went wrong but it was red (which is unfamilliar), scroll back and figured i was using `npm install nginx` instead of `apt` 🤣
-
Why is npm on windows so fucking horrible. Every fucking time I have to use npm on Windows I encounter a myriad of fucking issues. On MacOS it just seems to fucking work.
FUCK!13 -
So it's been a burden I carried for long.
With the way I set npm up, I unconsciously did the installing process with sudo, and thus can't use npm properly without a sudo.
Is there a rather not convoluted way to set it back up so I don't have to use sudo again for that?11 -
This "binaryextensions" NPM package is a fraud (not to be confused with "binary-extensions"!): https://npmjs.com/package/...; it contains a single JSON array of purportedly "all binary extensions", reaches 700k downloads a week, yet only lists 13 binary extensions (https://github.com/bevry/...).
This is a huge danger to security, especially if it's being used in production environments for input checking. For comparison, here is a much more robust version of a repo with the same goal (https://github.com/sindresorhus/...)1 -
Does anyone know why those web-dev tools: yarn, npm, npx, pnpm don't have man entries? man isn't probably used much anymore, but not having it makes them appear less serious and mature to me.8
-
Every time I update node or an npm dependency and everything seems to break for a couple of hours until I pull it apart and slowly reassemble everything again.
-
How would you name a scoped npm package?
I have a bootstrap theme and a package with angular components. The angular components package is the main feature of the library.
My proposals:
bootstrap-theme - @bla/theme
angular-components - @bla/bla | @bla/ngx | @bla/ngx-bla
or something else?
I need help.3 -
> * npm login *
> puts everything right, uses token because of OTP
> npm login fails: incorrect user or password
you know what, fuck you5 -
I'd like to call out the creator of "noise-gate" for connecting a dynamics compressor to a biquad, configuring them with some arbitrary constants and sharing this marvelous piece of engineering on NPM.1
-
Tried building my first npm module, which is just a wrapper for voice API that supports Angular 4+ Applications. Please check and share your feedback which helps me to improve it.
https://npmjs.com/package/... -
me to myself:
stick with one already
sometimes it's npm run build, npm run prod, npm run production, npm run dev, npm run watch, npm run serve, npm run hot, npm run start.
:D5 -
!rant
Quite an insight
"Is npm worth $2.6M?"
http://words.steveklabnik.com/is-np...
On a read sprint and I am sharing whatever I find interesting. -
time to head into javascript code testing, as i'm annoyed af of testing everything by hand whether my feature works and find the cause to some problems i have encountered
.... but first let me "npm init -y" and "npm i jest" (as the tutorial suggests) real quick in my git project ... whoops😯😐😶🤨 ... woah, ok ... 5000 added files, shit, dependencies 🙄... delete all ... git error😐😥
delete folder manually😪😅
resuming paused tutorial: "and if you've got a git repository, just install jest globally, do not do this in your repo!"
.... just happened to me😑😅2 -
How good of a StackOverflow reputation is enough to show off on a resume? How about NPM downloads?7
-
I’m harvesting credit card numbers and passwords from your site. Here’s how.
The state of npm is just 😢
https://hackernoon.com/im-harvestin...1 -
You cannot upgrade npm via `npm update npm -g` inside a docker container. Yet one can download a npm install skript that performs the installation of the latest npm update ...
Why!? -
Today I tried: pnpm.
Following up my hateful rant against Isaac Schlueter and his decisions on npm.
I went all the way out and tried so many alternatives, honestly found a developer experience much greater than the "official" one.
What triggers me the most is the explicit statement of "other creative means" in this commit https://github.com/npm/arborist/..., you don't talk like that when all other package managers are making creative workarounds for the design failure of node_modules.
I don't know what it is but I really hate this guy.4 -
I need a package repository and I find jfrog artifactory. Seems great, except the OSS version is utterly useless. The pro version is overpriced, and does not support s3 buckets and the Enterprise version is >25k/year, just to store a half dozen npm and PHP packages on s3 storage? Are you fucking kidding me???
How can companies justify this much money for a package manager?9 -
Does anyone know how to create a command on a npm library that download the files in root folder?
Like 'create-react-app'.2 -
There's a special place hell for people who put their entire documentation on using an NPM package in the fucking READ.ME file.
I shouldn't have to play whack a mole through one giant ass file to figure out how a specific function works. Or figure out how specific optional parameters need to be defined.3 -
People! Do you know if there is something similar to gulp and modules like minify, uglify, smooth, etc (for HTML, CSS and JS) that runs in Python instead of nodejs? I can't install nodejs/npm in my job because "open source software is dangerous" :)10
-
Why is Microsoft-GitHub buying npm a big deal ? All I know is that npm is a package manager like pip or conda. And JavaScript is one of the most horribly designed languages.1
-
NPM package – community-health-files
I've just built a NPM package: community-health-files
This package automates the creation and management of key files like CODE_OF_CONDUCT.md, BUG_REPORT.yml, and SECURITY.md for open-source projects. It simplifies the process of maintaining project guidelines, security policies, and codes of conduct, providing a more efficient and organized workflow.
This package helps open-source projects stay organized and compliant, saving you time and effort by handling the setup for you.
I'm always looking for feedback and contributions from the community—whether it's through improving the code, enhancing the documentation, or sharing your ideas.
🌟 Check it out, and if you find it helpful, consider adding a star on GitHub!
🔗 Link to the package on npm: https://lnkd.in/gJFUKudX
🔗 Link to the repo on GitHub: https://lnkd.in/gsGhHA-C4 -
The genius businessman Isaacs Schlueter, who sold a common tool npm to GitHub, forced a breaking change to block yarn in a minor upgrade in August.
Every decision of trading his users for his own business growth is so obvious, so hostile and so badly executed.
Let us give a moment of silent to the damage he's done to the community, I still see comma-first and colon-skipping as an intentional habit in some open source libraries.
This very commit https://github.com/npm/arborist/... breaks so many things at once.4 -
From the look of https://github.com/yarnpkg/berry/..., Microsoft is not (yet) planning to hug "npm audit" as a great evil plan of asserting dominance to the open source community by raising everything into NatSec level and force shortcut releases.
If that's the case alternatives like yarn and pnpm will be removed from the scene, VS Code will be intentionally made incompatible with Yarn's PNP just like how NPM sneaks https://github.com/npm/arborist/... through, under the name of security.
I am still not convinced, it is Microsoft after all. We'll see.
P.S. I will laugh menacingly if that turns out to be ONLY a stupid dream and a poor decision of one single genius businessman. -
Is this DevOps, full-stack, or even just ordinary web development madness, when Docker, npm, and IDE plugins keep bitching around with unhelpful warnings and error messages, until hours after researching contradicting recommendations and tutorials and a lot of trial and error, the tools finally begin to behave in a helpful way again?1
Top Tags
Weekly Rant
View