| ▲ | sph 6 hours ago | |
> In the early days the Node ecosystem adopted (from Unix) the notion that everything has to be its own micro package. The medium is the message. If a language creates a very convenient package manager that completely eliminates the friction of sharing code, practically any permutation of code will be shared as a library. As productivity is the most important metric for most companies, devs will prefer the conveniently-shared third-party library instead of implementing something from scratch. And this is the result. I don't believe you can have packaging convenience and avoiding dependency hell. You need some amount of friction. | ||
| ▲ | skydhash 6 hours ago | parent [-] | |
It’s not even the convenience. It’s about trust. Npm makes it so that as soon as you add something to the dependency list, you trust the third party so completely you’re willing to run their code on your system as soon as they push an update. It’s essentially remote execution a la carte. | ||