By far the most popular npm package I’ve ever written is blob-util, which is ~10 years old and still gets 5+ million weekly downloads. It’s a small collection of utilities for working w…
I am not much of a Javascript developer; I write mostly Python. And python is famously very much “batteries included”, so these “small” libraries are part of the standard library. I never look at the details unless something has gone quite wrong. I suspect very few people use such libraries as learning opportunities in JS either; they just add it to packages.json and never look back. So I don’t think the loss the author talks about is that big a deal.
If people genuinely take this approach though I think you miss out on collective problem solving. A dependency is a risk, yes, but it’s also an opportunity for other people to have found the bugs that you no longer have to suffer.
I am not much of a Javascript developer; I write mostly Python. And python is famously very much “batteries included”, so these “small” libraries are part of the standard library. I never look at the details unless something has gone quite wrong. I suspect very few people use such libraries as learning opportunities in JS either; they just add it to
packages.jsonand never look back. So I don’t think the loss the author talks about is that big a deal.If people genuinely take this approach though I think you miss out on collective problem solving. A dependency is a risk, yes, but it’s also an opportunity for other people to have found the bugs that you no longer have to suffer.
does a bug exist if nobody has found it