729
average day in NPM land (programming.dev)
you are viewing a single comment's thread
view the rest of the comments
[-] GammaGames@beehaw.org 25 points 3 months ago* (last edited 3 months ago)

It handles a few weird edge cases, mostly. Only 7 meaningful lines of code and almost 70M downloads week!

[-] ptz@dubvee.org 27 points 3 months ago

Sadly, it's a stupid dependency of a lot of things.

Just ran npm explain is-number on one of my projects, and it's a dependency of to-regex-range which is a dependency of fill-range which is a dependency of....and so on up the chain.

I was hoping I wouldn't find that in there, but alas, it is.

[-] apotheotic@beehaw.org 33 points 3 months ago

Given that this screenshot is about to-regex-range I think they might be on to something!

[-] ptz@dubvee.org 22 points 3 months ago

🤦‍♂️😆

Didn't even catch that in the screenshot. lol

[-] nickwitha_k@lemmy.sdf.org 8 points 3 months ago* (last edited 3 months ago)

I don't get the concept that depending on 7 lines of code from a third-party package is remotely acceptable. It's expanding the potential attack surface to save a dev from templating 7 lines of boilerplate. There's no net benefit or appreciable time saved.

I'm glad I don't have to deal with this regularly.

ETA: The package is even MIT licensed! There's no excuse but laziness and not wanting to understand the code to import this rather than inlining or implementing a novel version. If I can spend the time to write:

if err != nil {
  slog.Warn("well shit", "error", err)
  return err
}

after every function call...I just didn't get it.

[-] GammaGames@beehaw.org 5 points 3 months ago

You’re right, it’s not sane! The js ecosystem is hell

this post was submitted on 31 Jul 2024
729 points (99.3% liked)

Programmer Humor

19503 readers
403 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS