| ▲ | reconnecting 6 hours ago |
| We chose to write our platform for product security analytics (1) with PHP, primarily because it still allows us to create a platform without bringing in over 100 dependencies just to render one page. I know this is a controversial approach, but it still works well in our case. "require": {
"php": ">=8.0", "ext-mbstring": "*",
"bcosca/fatfree-core": "3.9.1",
"phpmailer/phpmailer": "6.9.3",
"ruler/ruler": "0.4.0",
"matomo/device-detector": "6.4.7" }
1. https://github.com/tirrenotechnologies/tirreno |
|
| ▲ | embedding-shape 6 hours ago | parent | next [-] |
| Not sure what the language has anything to do with it, we've built JavaScript applications within pulling in 100s of NPM packages before NPM was a thing, people and organizations can still do so today, without having to switch language, if they don't want to. Does it require disciple and a project not run by developers who just learned program? You betcha. |
| |
| ▲ | reconnecting 5 hours ago | parent [-] | | I might say that every interpreter has a different minimum dependency level just to create a simple application. If we're talking about Node.js, there's a long list of dependencies by default. So yes, in comparison, modern vanilla PHP with some level of developer discipline (as you mentioned) is actually quite suitable, but unfortunately not popular, for low-dependency development of web applications. | | |
| ▲ | cosmic_cheese 4 hours ago | parent | next [-] | | The language and capabilities of the platform indeed have a lot of influence on how many packages the average project depends on. With Swift on iOS/macOS for instance it’s not strange at all for an app to have a dependency tree consisting of only 5-10 third party packages total, and with a little discipline one can often get that number down to <5. Why? Because between the language itself, UIKit/AppKit, and SwiftUI, nearly all needs are pretty well covered. I think it’s time to beef up both JavaScript itself as well as the platforms where it’s run (such as the browser and Node), so people don’t feel nearly as much of a need to pull in tons of dependencies. | | |
| ▲ | skydhash 15 minutes ago | parent [-] | | You can do that with node.js too. It’s the libraries themselves that tries to bring in the whole world. It’s a matter of culture. |
| |
| ▲ | embedding-shape 5 hours ago | parent | prev [-] | | > If we're talking about Node.js, there's a long list of dependencies by default. But that's not true? I initialize a project locally, there is zero dependencies by default, and like I did five years ago, I can still build backend/frontend projects with minimal set of dependencies. What changed is what people are willing/OK with doing. Yes, it'll require more effort, obviously, but if you want things to be built properly, it usually takes more effort. | | |
| ▲ | reconnecting 5 hours ago | parent [-] | | Perhaps, the right wording here might be that Node.js encourages the use of npm packages even for simple tasks. I agree that in any case, it's the courage/discipline that comes before the language choice when creating low-dependency applications. |
|
|
|
|
| ▲ | Zagitta 6 hours ago | parent | prev [-] |
| Ah yes PHP, the language known for its strong security... |
| |
| ▲ | reconnecting 5 hours ago | parent | next [-] | | Oh yes, let's remember PHP 4.3 and all the nostalgic baggage from that era. | |
| ▲ | zwnow 5 hours ago | parent | prev [-] | | Modern PHP is leagues above Javascript | | |
| ▲ | friendzis 4 hours ago | parent | next [-] | | That's not a high bar to clear | |
| ▲ | root_axis 4 hours ago | parent | prev [-] | | How so? | | |
| ▲ | zwnow 3 hours ago | parent [-] | | 7.0 added scalar type declarations and a mechanism for strong typing. PHP 8.0 added union types and mixed types. PHP enforces types at runtime, Javascript/Typescript do not. PHP typesystem is built into the language, with Js u either need jsdoc or Typescript both of which wont enforce runtime type checks, Typescript even adds a buildstep. php-fpm allows u to not care about concurrency too much because of an isolated process execution model, with js based apps you need to be extremely careful about concurrency because of how easy you can create and access global stuff.
PHP also added a lot of syntax sugar over the time especially with 8.5 my beloved pipe operator.
And the ecosystem is not as fragile as Javascripts. |
|
|
|
