[peanut_worm]

Why can’t there just be multiple curated repositories like how Linux distros do it?

Having NPM just be a free-for-all is a ticking time bomb. It is only a matter of time before an event like this results in something very serious.

[chakkepolja]

There are just too many micropackages to properly look at. A basic react app created using official method (CRA) was 200MB something last time I tried.

NpmJS echo system is cancer.

[jacques_chester]

Scale, basically. There are too many packages to fully curate.