this post was submitted on 22 Jul 2023
43 points (100.0% liked)


This seems quite counterintuitive and to be bloating the project: I'm trying to install the tsdoc linter, but npm adds like 50 other packages alongside it. Is this the expected behaviour? Why is it so?

A project that could easily be 5MB ends up being like 60MB

[–] brunofin@lemm.ee 8 points 1 year ago (1 children)

I remember reading about this years ago; it even affected the internal Facebook dev team when it happened.

[–] JackbyDev@programming.dev 7 points 1 year ago

The dev was (rightfully) angry at NPM about another project and asked NPM to delist all of them. For some reason NPM at the time allowed this. I think they just had never thought about the problems it could cause before. Deployments to package managers, especially open source deployments with irrevocable licences, shouldn't be allowed to be removed. Doubly so once they're depended on. NPM's policy changed and is now more in line with that.

It affected pretty much everyone because some very popular frameworks at the time pulled left pad in transitively through other modules. Then because those popular frameworks did and most everyone was using those frameworks it broke pretty much everyone.
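
To see which direct dependencies pull a given package in transitively, as described in the comment above, you can walk the `packages` map of a `package-lock.json`. This is an added example, not part of the thread; the lockfile contents and package names are constructed, and `resolve` and `whoPullsIn` are hypothetical helper names.

```javascript
// Constructed sample in the shape of a package-lock.json "packages" map
// (lockfileVersion 2/3). Package names are made up for illustration.
const lock = {
  packages: {
    "": { dependencies: { "big-framework": "^1.0.0", "tiny-util": "^2.0.0" } },
    "node_modules/big-framework": { version: "1.0.0", dependencies: { "string-tools": "^1.0.0" } },
    "node_modules/string-tools": { version: "1.2.0", dependencies: { "pad-helper": "^0.1.0" } },
    "node_modules/pad-helper": { version: "0.1.3" },
    "node_modules/tiny-util": { version: "2.0.0" },
  },
};

// Resolve a dependency name the way Node does: look in the requiring
// package's own node_modules first, then walk up toward the root.
function resolve(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const i = base.lastIndexOf("/node_modules/");
    base = i === -1 ? "" : base.slice(0, i);
  }
}

// For each direct dependency that reaches `target`, return a shortest
// chain of package names leading to it (breadth-first search).
function whoPullsIn(lockfile, target) {
  const packages = lockfile.packages;
  const root = packages[""] || {};
  const direct = { ...root.dependencies, ...root.devDependencies };
  const result = {};
  for (const name of Object.keys(direct)) {
    const start = resolve(packages, "", name);
    if (!start) continue;
    const queue = [[start, [name]]];
    const seen = new Set([start]);
    while (queue.length) {
      const [path, chain] = queue.shift();
      if (chain[chain.length - 1] === target) { result[name] = chain; break; }
      const deps = { ...packages[path].dependencies, ...packages[path].optionalDependencies };
      for (const dep of Object.keys(deps)) {
        const next = resolve(packages, path, dep);
        if (next && !seen.has(next)) { seen.add(next); queue.push([next, [...chain, dep]]); }
      }
    }
  }
  return result;
}
console.log(whoPullsIn(lock, "pad-helper"));
```

On a real project, load the lockfile with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and pass it in place of `lock`.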