I'm not sure that Deno is the holy grail, I mean, npm (or yarn) aren't that bad are they? 99% of the time it works pretty well and allows us to do powerful stuff ...
And there's a reason for node_modules and package-lock.json and all that - it's to solve certain real-world problems (e.g. managing transitive dependencies) - how is Deno solving these same issues, or is it just not solving them?
Npm isn't just doing complex things for the heck of it, it's to solve real problems. Show me that Deno is solving them in a better way, and we'll talk again :-)
I agree that when everything settles down after we've spent more than ample time getting just the right combinations, yes npm works great.
To say however that 200meg downloads are secure is false, big companies have swept this detail under the carpet.
One last point, I'm also a .Net person for last 20+ years. In that environment adding and removing packages is 99% better than NPM.
Even better is that .Net upgrades work first time 99% of the time.
Also, .Net imports are done one time one place at the solution level. The compiler is smart enough to use imports from one location.
The npm package community (including me)has been dumbed down to accept things as they are due to the allure of free software. It's lack of Security should put all corporate Security Experts into heart attack mode but oddly, it's ignored at the same time as implementing multi-form security, VPN Networks, Domain Level LDAP, and strict userid/password requirements.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I'm not sure that Deno is the holy grail, I mean,
npm(oryarn) aren't that bad are they? 99% of the time it works pretty well and allows us to do powerful stuff ...And there's a reason for
node_modulesandpackage-lock.jsonand all that - it's to solve certain real-world problems (e.g. managing transitive dependencies) - how is Deno solving these same issues, or is it just not solving them?Npm isn't just doing complex things for the heck of it, it's to solve real problems. Show me that Deno is solving them in a better way, and we'll talk again :-)
I agree that when everything settles down after we've spent more than ample time getting just the right combinations, yes npm works great.
To say however that 200meg downloads are secure is false, big companies have swept this detail under the carpet.
One last point, I'm also a .Net person for last 20+ years. In that environment adding and removing packages is 99% better than NPM.
Even better is that .Net upgrades work first time 99% of the time.
Also, .Net imports are done one time one place at the solution level. The compiler is smart enough to use imports from one location.
The npm package community (including me)has been dumbed down to accept things as they are due to the allure of free software. It's lack of Security should put all corporate Security Experts into heart attack mode but oddly, it's ignored at the same time as implementing multi-form security, VPN Networks, Domain Level LDAP, and strict userid/password requirements.