| ▲ | karel-3d 6 days ago | |||||||
There is apparently a tool, that you can upload your package.json and it will show you how much dependencies are controlled by ljharb | ||||||||
| ▲ | rschristian 2 days ago | parent | next [-] | |||||||
Ha, was wondering why I started getting a few more stars all of a sudden. For extra context: I created the tool ~9 months prior to the meltdown as one could vaguely mention an individual trolling over NPM deps and absolutely everyone in the ecosystem with a bit of experience would know who was being referred to, aka, "You Know Who". And, if you dared mention him by name, he'd eventually show up reciting his download counts in endless "appeal to authority"-style arguments, trying to brow-beat people into accepting that he knows more or whatever, ergo, "He Who Must Not Be Named" (at least, if you didn't want him being annoying in your mentions). There's a number of "-phobia" apps in the ecosystem and given the negative impact he has on dependency trees, it felt fitting to offer a similar, somewhat satirical, app to detect how much of your dependency tree he controlled. | ||||||||
| ▲ | dvfjsdhgfv 6 days ago | parent | prev | next [-] | |||||||
It looks like if I wanted to install a particular piece of software on many modern websites and I didn't have enough resources to hack node itself, talking to this guy would be a logical choice. | ||||||||
| ||||||||
| ▲ | goriv 5 days ago | parent | prev [-] | |||||||
Damn, I just checked a random express project I built and there are a lot of things underlined in red there. I think the most amazing one is https://www.npmjs.com/package/is-number-object, which has a stupidly large dependency tree. | ||||||||