• TootSweet@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 months ago

    I’ve literally told my coworkers “I’m not saying we should never use dependencies. But every time you add a dependency, you should hate yourself a little bit more. Some self flagellation can’t hurt either.”

    • lad@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      So, every time I use a library to recognize patterns on a picture, to interact with Kafka, do some SSL, or do database mapping, I should hate myself, noted

      We did Elastic API integration in Java by creating and maintaining huge half-codegenerated transformer from code to Elasticsearch’s JSONs, it was a pain and it was source of more than one error

      Dependences should be reviewed and audited to make sure they do what you need and they are worth using. Just making everything in-house gets you nowhere most of the time

      • aaro@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Nobody is arguing that you should never depend on anything and create everything yourself, but adding a dependency for literally a one liner function is awful. Like one of the Go proverbs goes, a little copying is better than a little dependency.

  • josefo@leminal.space
    link
    fedilink
    arrow-up
    1
    ·
    2 months ago

    I really need a community here solely dedicated to GitHub drama. This is so much better than Twitter drama, more relatable.

    • elxeno@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 months ago

      Look at what you’re missing!

      Edit: also, is-odd depends on is-number

      • JackbyDev@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        Heaven forbid they make a package is-even-or-odd with both. Wait. Don’t give them ideas. They’ll just make it depend on both.

      • boonhet@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        2 months ago

        These are both made by the same person from this PR (who also made both the package the PR is on, and the is-number package that is being removed as a dep)

      • darklamer@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 months ago

        Sure, but when was the last time you saw, say, a Python project using some third-party library instead of simply calling isnumeric() from the standard library?

        There’s a reason for these jokes always being about Javascript.

        • FlorianSimon@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          2 months ago

          Python has other stupid problems related to pip. As much as stupid micro-dependencies suck in Javascript, they’re not the shitshow managing dependencies in Python is. It’s an inefficiency that never actually caused me noticeable issues in my former webdev life.

          And let’s not talk about C++… People reinvent all sorts of wheels all the time because sharing anything is so annoying.

  • KillingTimeItself@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    i think programmers need a self inflicted rule of it being less than 500 lines of code means you need to write it instead of using a pre written package/library.

    On the other hand, we could make the packages like is-number the worst possible way of checking if something is a number, which would be really fucking funny…

  • Randelung@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    2 months ago

    Seems to me the only reason for these kind of dependencies to exist in the first place is that people really, really, really, REALLY can’t code.

  • EnderMB@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    I’ve honestly never understood why someone at Google or Mozilla hasn’t decided to write a JavaScript Standard Library.

    I’m not opposed to NPM, because dumb shit like this happens everywhere. If such a package is used millions of times a day, perhaps it would make sense to standardise it and have it as part of the fucking browser or node runtime…

    • seatwiggy@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      There’s a js runtime called bun that is 90-something% feature equivalent to node and also has built in alternatives to many packages like express and bcrypt. I haven’t used it myself so I can’t speak to its quality but it’s always nice to see a little competition

      • Dr. Moose@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        So is Deno! You can easily import npm: and node: packages and run typescript without transpiling. With Bun and Deno there’s no reason to use Node tbh.

        • sfxrlz@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          For starting new projects i absolut agree. At work we have a legacy react app that just will not run on bun and for deno we would probably have to rewrite some stuff.

    • mindbleach@sh.itjust.works
      link
      fedilink
      arrow-up
      0
      ·
      2 months ago

      That’s basically how Javascript gets extended. I put off learning jQuery for so long that all the features I’d want are now standard.

      • dan@upvote.au
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Vanilla JS is pretty good on the client side, but leaves a lot to be desired on the server side in Node.js, even if you include the standard Node.js modules.

        For example, there’s no built-in way to connect to a database of any sort, nor is there a way to easily create a basic HTTP REST API - the built in HTTP module is just raw HTTP, with no URL routing, no way to automatically JSON encode responses, no standardized error handling, no middleware layer, etc.

        This means that practically every Node.js app imports third-party modules, and they vary wildly in quality. Some are fantastic, some are okay, and some are absolutely horrible yet somehow get millions of downloads per week.

      • hswolf@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Sometimes it’s hard to detach It, specially dealing with web dev.

        The browser expects JS, since JS was made for the browser, so you make a front in JS. But now you need a back, and hey, you already have all models and repos in JS, might as well make the back with JS.

        It’s a vicious cycle. Honestly, JS is fine for either if you are component enough (ie. not using stuff like “is-number”), don’t get the hate on It.

        • rimjob_rainer@discuss.tchncs.de
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          No, JS is for scripts, it should have never been a whole framework for a frontend. But we can’t get away from it now, because it’s the only thing we have for browsers.