Hacker News new | ask | show | jobs
by monkey_monkey 1516 days ago
> in my experience things like Tailwind are mostly pushed by managers, not developers

In my experience, Tailwind adoption is pushed hard by engineers who use it on side projects and see how delightful it is to use.

And if you think it's unmaintainable, maybe you should explain why you feel that way (apart from your clear distaste for it). My counterpoint is that it's amazing to be able to pick up a project after months or years and instantly understand what's going on.
1 comments
ushakov 1516 days ago
we might have different experiences, but in my view when you take the downsides into account: a build system requirement and very large amount of dependencies, then Tailwind isn't worth it

you should avoid large dependency trees and if possible avoid the JS-ecosystem altogether, because these dependencies introduce security vulnerabilities routinely

we already have web components which support scoped styles, so you can just build a component once and reuse it everywhere else in your code

i'd love to hear more counter-arguments though

link
kaba0 1516 days ago
I really dislike the js ecosystem, but as mentioned in my other comment, there is barely any security risk in shipping a compiled css file. Most of the deps are just there for file system watching and live-reloads.

Regarding web components, you can just use them with tailwind, they are not complementers. Hell, if you want to have a stylized button, of course just write it once, but the reusability comes from it being a component — I really have to question the reusability of CSS styles that are more complex than a few properties. Like, do you honestly reuse the style of a button in your menu? Perhaps the color scheme and font, but those should be variables to begin with.

link
ushakov 1516 days ago
> there is barely any security risk in shipping a compiled css file

not when you require 500 dependencies to actually compile the css

imagine running “npm run build” but instead of getting a css file you get your hard drive wiped out, because some author of random npm module decided it’s April Fool’s day today

this is a hard reality than many are not willing to acknowledge because of all the hype around JS

link
kaba0 1516 days ago
I agree that it is currently a very real security risk but at the same time we should ask ourselves what on Earth are our OSs do? Because my phone could protect me from that 100%. Running arbitrary code should pose no such threat ever.
link