729
average day in NPM land (programming.dev)
you are viewing a single comment's thread
view the rest of the comments
[-] floofloof@lemmy.ca 106 points 3 months ago* (last edited 3 months ago)

It looks like "is-number" was never more than a few simple lines of code. It still has 68 million downloads per week.

https://www.npmjs.com/package/is-number

I checked one of our main projects at work, and it's in there as a dependency 6 levels deep via the "sass" package.

[-] sushibowl@feddit.nl 50 points 3 months ago

is-number is a project by John Schlinkert. John has a background in sales and marketing before he became an open source programmer and started creating these types of single function packages. So far he has about 1400 projects. Not all of them are this small, though many are.

He builds a lot of very basic functionality packages. Get the first n values from an array. Sort an array. Set a non-enumerable property on an object. Split a string. Get the length of the longest item in an array. Check if a path ends with some string. It goes on and on.

If you browse through it's not uncommon to find packages that do nothing but call another package of his. For example, is-valid-path provides a function to check if a windows path contains any invalid characters. The only thing it does is import and call another package, is-invalid-path, and inverses its output.

He has a package called alphabet that only exports an array with all the letters of the alphabet. There's a package that provides a list of phrases that could mean "yes." He has a package (ansi-wrap) to wrap text in ANSI color escape codes, then he has separate packages to wrap text in every color name (ansi-red, ansi-cyan, etc).

To me, 1400 projects is just an insane number, and it's only possible because they are all so trivial. To me, it very much looks like the work of someone who cares a lot about pumping up his numbers and looking impressive. However the JavaScript world also extolled the virtues of these types of micro packages at some point so what do I know.

[-] notnotmike@programming.dev 17 points 3 months ago

Wow you're right, he's the author of the infamous "is-odd" and "is-even" packages. What an odd person.

Someone in the OP PR mentioned the amount of energy used to download these tiny packages and its actually something crazy to think about

[-] floofloof@lemmy.ca 8 points 3 months ago

It makes you wonder why anyone uses them though, since so many of them do things that are trivial in modern JavaScript.

[-] nickwitha_k@lemmy.sdf.org 6 points 3 months ago

And anyone who has been around for a while should remember when left-pad broke node.js. Including unnecessary dependencies, instead of writing trivial code is just bad practice.

[-] nickwitha_k@lemmy.sdf.org 3 points 3 months ago

To me, 1400 projects is just an insane number, and it's only possible because they are all so trivial.

Holy shit. I'm going to have to go through my team's dependencies. I don't feel confident that someone "maintaining" that many projects is going to be able to keep all bad actors at bay. Not to mention, none of the examples of his libraries that I've seen SHOULD be libraries.

[-] far_university190@feddit.org 25 points 3 months ago

What a sassy package depency

this post was submitted on 31 Jul 2024
729 points (99.3% liked)

Programmer Humor

19503 readers
403 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS