[ljm]

This is going to be cynical, but as far as I understand it people are looking for usability through vanity.

Why not install `com.facebook.react’? Reverse domain notation is remarkably elegant given our internet. You are not typing ‘npm i com.facebook.react’ so often that it’s a pain. You probably use ‘create-react-app’ which is even worse.

Instead, every language creates a new cash grab for common names. And made it worse. New namespaces, new squatting. I can publish ‘react-racket’ and do whatever I want behind the scenes with it.

Case in point: do you add coffeescript or coffee-script.

Why optimise for keystrokes in your term instead of stability for your client? Jesus fuck.

[gowld]

The JavaScript community is moving into the Enterprise and is discovering Java's good ideas from 1995

[bigiain]

Excellent.

A whole quarter of a century, or perhaps half of the entire software industries lifetime, of exciting known security errors to look forward to!

BRB, off to hide all my bitcoin under my mattress...

[jeswin]

> Why not install `com.facebook.react’?

That would be a bad idea, and it's not just brevity.

- If com.facebook.hr has previously been published, would it mean that facebook can never have a division named HR?

- Once a company goes belly up, the domain often ends up with squatters/spammers. Domains with published packages will sell for a lot more in the underground market - for pure exploitation of rights to publish a newer version.

- In the absence of validation, nothing stops anyone from publishing com.google.exploitlib. And domain validation is friction.

- Most publishers on npm may not have a domain.

And finally like someone mentioned below, npm already supports scoped packages. https://docs.npmjs.com/about-scopes

[oblio]

Regarding your concerns, some friction is necessary. Without friction I can skate, but I can't drive.

[kall]

There's a little bit of movement happening in that direction in the npm world with scoped packages. E.g. babel moving all official packages to @babel. Storybook does it too. Doesn't even have to be much of a branding loss. FB could publish @react/react, @react/native, @react/eslint-config, @react/create-app, @react/prop-types, @react/dom... Most of the typing is happening in require/import not npm install, so there's some argument for not going the full java route.