Hacker News new | ask | show | jobs
by edgyquant 1553 days ago
I don’t think it is understood. Most people who write JavaScript aren’t keeping up with the latest drama. I hadn’t seen any of these political complaints before this thread and I’m a lead engineer on a full stack typescript stack. Not that I have an opinion either way I just don’t think you can reasonably expect devs to keep up with stuff like this.
2 comments
ocdtrekkie 1553 days ago
I think if you pull in code from all sorts of random people across the Internet, you probably absolutely should have some idea what risks that entails, and stay aware of the "latest drama", so you know when running "npm update" is likely to ruin the rest of your day.

Of course, the ideal solution is just to not use an ecosystem where pulling in code from all sorts of random people is common.

link
edgyquant 1553 days ago
Hard disagree. Needing to follow the politics of every piece of your tech stack is a ridiculous way of doing things. We should have a system to verify if a module is malicious or not, that’s an engineering problem, politicking about in open source communities is not. Engineers should be engineering things.
link
ocdtrekkie 1553 days ago
You can not engineer away human problems. I agree that's a ridiculous way of doing things, but it's the only reasonable way to use Node! Which is to say, I think Node is not a great tech stack if you do not want to follow drama.

Adding an antivirus scanner to your Node project is not going to fix this. It certainly hasn't solved the malware issue in the last few decades for PCs.

link
edgyquant 1553 days ago
At the very least don’t task your principle engineer with solving human problems then. I stand by my initial comment that that is a waste of a good engineers time and mental health.
link
ep103 1553 days ago
I think keeping up on things like this is the bare minimum expectation I would have of any lead developer worth his or her salt, because keeping up on things like this is a fundamental aspect of knowing the technological ecosystem in which you claim to have the skills and knowledge in which to make decisions about things like which technical ecosystem your entire team should be using.

Whether or not most engineers _do_ keep up on things like this, is a different question. But that's why there's a large range in salaries for similar positions across our industry.

link
duxup 1553 days ago
>I think keeping up on things like this

Keeping up on actual code related concerns yeah. Internet drama, no.

link