[borntyping]

The npm repository is the largest package repository in the world. A lot of the major incidents they've could have happened to other ecosystems (e.g. PyPi allows a user to delete packages that other packages depend on), but they've either not happened or haven't had as large an impact. When npm breaks, everyone notices, because everyone either uses npm or knows someone who does.

[megaman22]

Largely because Javacsript is so broken by default that it is almost required to depend on a whole slew of dependencies for functionality other languages contain in their built-in standard libraries. And furthermore, NPM dependencies are broken down into stupidly small units, versioned rapidly, and enforces very little consistency among transitive dependencies.

Other languages and package management systems don't encourage this kind of insanity.

[abritinthebay]

I’m impressed. Not one thing you just said is accurate.

[kevingadd]

I'm impressed, because everything they said is accurate.

[abritinthebay]

I know HN is basically an industry wide joke for JS discussion but no, none of that is accurate.

Most of it is plain wrong, though some of it is misapplied frustration to the wrong target.

But again, I guess I shouldn’t expect more from HN.

[megaman22]

What exactly is wrong?