This is a good takehttps://twitter.com/jamiebuilds/status/1017556173191385088 …
-
-
I've been writing and deleting tweets all day about npm. I've dragged them publicly before but have been hesitant this time. I feel bad for people at npm who get anger at npm (the company) directed toward them. That sucks.
1 reply 0 retweets 0 likesShow this thread -
I've personally seen enough precedent with npm (the company) that makes me think their place as a pseudo-monopoly VC backed company has some serious downside for the larger javascript community. I'm not sure how to fix that without pain.
2 replies 0 retweets 1 likeShow this thread -
Is there some alternate timeline where npm never took the VC money and things are better? Maybe. But who cares. It is not the world we live in.
1 reply 0 retweets 0 likesShow this thread -
There are other non-security risks too. What happens if npm stops making money? What if they get sued into oblivion? Businesses fail for all kinds of reasons.
1 reply 0 retweets 0 likesShow this thread -
In conclusion... - be nice to people that work at npm - I'd like to see
@nodejs form a committee to proactively address the situation. Come up with options that disentangle the JS community from the fate of a single VC backed startup.1 reply 1 retweet 1 likeShow this thread -
Replying to @southpolesteve @nodejs
I want sandboxed nodejs, that could then get us sandboxed installs and sandboxed runtimes. The open source npm clients could all take advantage of it. (Npm-cli and yarn)
1 reply 1 retweet 1 like -
I'm for an open source registry but it sure ain't a blocker to getting this stuff in line. And if npm Inc ever goes away, none of the data will go with it.
1 reply 1 retweet 1 like -
Sure! I can see sandboxed node as an option such a commite could propose.
1 reply 0 retweets 1 like
an open public dialogue is prob the most critical part. It feels to me like npm+node.js is still a taboo topic. Maybe the battle you mentioned is still being fought behind the scenes? Its also possible discussions are happening in the open and I'm not aware.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.