by nevernude 1372 days ago
I don't think it will be a major concern. A couple of thoughts:

- We built a simulation[1] of the NPM ecosystem to see how funds would be allocated. Frivolous projects did not see any significant funding.

- As I mentioned in other comments, you would still need to get many developers to actually use your new packages as either direct or second-order dependencies. Note that 2nd order dependencies receive quite a bit less allocation than direct ones.

- You can always manually manage your dependencies if you see a project engaging in this behavior.

1. https://simulation.stackaid.us/projects

1 comments

In the simulation you can see very common helper deps do receive quite a disproportionate amount of funding relative to the effort to maintain though. For example, `rimraf` (~400 LOC), `del` (~100 LOC), `cross-env` (this one is archived) all receive a ton of funding, whereas major projects like `electron` get a small amount since it's not used as often even though it would be much more impactful if it were to fall into disrepair.

We thought a lot about the fairness of allocation. Large funding for tiny packages is a clear edge case of the StackAid model.

We are thinking through how to give subscriptions control over projects and organizations to exclude, so you could choose to exclude tiny dependencies in your subscription.

That said, defaults matter, and so it's still worth considering the implications of small projects getting a large amount of funding:

1. Subscriptions/open source repositories might be ok with a rimraf getting a lot of money, especially if it funds those developers to build other things that are high impact.

2. It might also inspire other open source projects to potentially compete for those funds in terms of offering something more or encouraging tooling that incorporates that functionality, thus creating a smaller set of dependencies.

Re: Electron getting much less than these smaller projects in the simulation. Electron getting less money is a function of the NPM packages we discovered and sampled. That could or could not be a representative set. You could argue that Electron shows up more in non-public repositories. It doesn't mean that Electron would get more money than rimraf, but the gap could be significantly less.