by techpression 739 days ago
NPM is anything but fun, I’ve seen tertiary dependencies cause complete application failures due to bad patch version releases.

Packages depending on packages not maintained or containing security issues.

I don’t know how many times Next has released broken updates without any mention of it in their change log and then you find a GH issue where it’s essentially “works on vercel hosting”…

Easy to find developers is often touted as a plus, but the process for making sure you get the right ones is scarce, and JS code bases almost always end up as complete spaghetti as a result. As someone doing JavaScript for a very long time, my statement is that it’s one of the hardest ecosystems to get right and it requires exceptional developers to do so. Unfortunately, it’s also where many start their journey, and without exposure to other technologies becoming great at it is very hard.

The fact that I can do `mix hex.outdated` and get a code diff on dependency changes makes me smile every time, compared to the insanity that is updating npm packages in any sizeable project with hundreds of updates weekly.