I'm not in the "every dependency you add is a liability camp", but... how do people find this acceptable? This is a large enough number I'd be surprised if none of them contained malicious code, just from statistics alone
Show this thread
I tried writing some JavaScript today. I tried not to add any frivolous dependencies. I ended up with 18k dependencies. This is not a joke.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
This Tweet is unavailable.
-
But why would Elm be any different? (I understand that it is, but there's no rational reason I can see that this has happened to JS and not other languages, esp things that compile to JS where the anemic std lib argument doesn't even really apply)
- 12 more replies
-
-
-
Would be interesting to know the ratio between direct and indirect dependencies.
-
10 direct dependencies. 3 of those are just typescript definitions
- 6 more replies
New conversation -
-
-
I have reached 50k deps on frontend apps. For example Angular. That's damn crazy!
-
That's more than the entire Rust and Ruby ecosystems combined.
- 5 more replies
New conversation -
-
-
I can't even think of 18k things.
-
There are a *total* of 26k crates on http://crates.io for perspective. 11k on http://rubygems.org (which I feel like must be wrong because why would Rust have more packages than Ruby but that's what https://rubygems.org/gems says).
- 2 more replies
New conversation -
-
-
What are your direct dependencies? If one of them is webpack this isn’t very surprising.
-
Typescript, jest, discord, dotenv
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.