Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
CivBase 8 hours ago

It'd be really cool (and probably useful) if someone could figure out a way to generate diagrams like this for any software project.

You'd first need to figure out a way to generate a complete dependency tree. For each box, I interpret its height as a measure of its complexity and its width as a measure of the support it receives. The hardest part would probably be figuring out a way to quantitatively measure those values.

TonyStr 8 hours ago | parent | next [-]

One naiive solution could be to cloc the dependency and use the size as the height, and fetch number of github contributors as width

BoppreH 7 hours ago | parent | prev [-]

Ask and you shall receive: https://stacktower.io/

CivBase 5 hours ago | parent | next [-]

Oh cool. That's a promising start.

I don't know if the "The Nebraska Guy Ranking" this project uses is very useful, though. In particular the "depth" criteria doesn't make much sense to me, since it assumes the more foundational a dependency is, the more robust it must be. This seems to run counter to the point of the original comic where the "Nebraska Guy" piece was the fragile block holding up the entire tower.

This project also doesn't attempt to measure or visualize the complexity of a project. Theoretically a more complex project would require more support than a simple one, so I think that's an important metric to capture.

withinboredom 7 hours ago | parent | prev [-]

bro. it asks for the ability for some random github user to literally take over your private repositories.

matzehuels 15 minutes ago | parent | next [-]

You’re 100% right to call that out. The current GitHub OAuth scope is too broad

I’m changing this ASAP to least-privilege and I’ll publish a clear explanation of scopes + data handling. In the meantime: please run the local/CLI path if you want zero-trust.

withinboredom 10 minutes ago | parent [-]

Damn dude. That’s awesome! I saw the permissions it wanted out of every org I’m a part of (including some big open source orgs) — I’d probably find myself booted out of those orgs if I accepted that. They def get a notification on every authentication like that and take potential impersonation seriously.

claar 4 hours ago | parent | prev [-]

Yeah, if it weren't for that, I think this would blow up. Plus, even if you get past that, if you try a larger project, it times out after 1 minute and gives up. But it's a pretty awesome idea!

matzehuels 18 minutes ago | parent [-]

hey! I built this, I know its really scrappy, I just don't have enough time currently to make right by users. I'm on it though... stay tuned