by re-thc 5 days ago
> So all of these setup scripts (good or bad) can just move their entrypoint from npm to wherever the `import` or `require` happens.

That would / could kill performance

> Usually, you run the actual packaged dependency code at some point anyway, and usually with the same permissions as the install process.

So I doubt most people trace every dependency they install all the way. So sometimes it comes upstream. Maybe you don't run it. It could have been a dev dependency accidentally set for runtime, and now you have it.