|
> 1000+ dependency from NPM I've been working with Node in hobby projects since around 2012, been paid for it since 2016, and still don't understand why is that such a problem. Compared to other language ecosystems, each of those dependencies is smaller and more atomic. If anything, it's closer to the "unix way" of small tools that do one thing and doing it well, rather then developing huge mega-libraries. Since these libraries are smaller, it's easier to change one for another. Because of that, community is much less likely to settle on one standard way of doing things just because of "how things are done here", and ecosystem continues to evolve and find better ways of writing code. Would any other language ecosystem that is widely used in production go from callbacks to different promise libraries, to standard promise api to async? I don't think so. (Edit: strike that, Rust seems to have done it too. Well, Rust is also awesome). Of course, it means that you have to learn more; but it also leads to things actually becoming better, and not because of some central mandate by language committee, but as a result of a more decentralised gradual evolution. (Not completely decentralised, just compared to alternatives). In any other ecosystem, pushing a pull request to any framework or library feels like something that you would do only after spending a couple of days of learning all the ropes of this codebase; in NPM, I've done meaningful contribution to a library less then an hour after learning about it's existence. |
Some reasons it's a problem:
- it's slows and disrupts the development process
- packages get abandoned very easily; not many packages are highly popular/active
- security audits are essentially impossible
> Of course, it means that you have to learn more
JavaScript takes this to an extreme. It literally takes daily effort to keep up.
> In any other ecosystem, pushing a pull request to any framework or library feels like something that you would do only after spending a couple of days of learning all the ropes of this codebase
So you prefer an ecosystem created by amateurs? After years of working with PHP and JavaScript, I don't.