I’m following the odin project to learn web development. I had read about malicious packages in npm multiple times, so I avoided it until now. I’m on the webpack lesson now, and to use webpack, I need to install it using npm. I also see that it has many dependencies, and those dependencies will have other depenedencies and so on.

Why is it like this? Is there any other tool like webpack that doesn’t require npm? Or rather, can someone clarify how to properly use npm or link a guide that explains it? I have this kind of fear and reluctance about using npm after all the things I read.

  • @[email protected]OP
    link
    fedilink
    12 months ago

    I don’t really understand a lot of things in the repo
    I’ll have a look at it sometime later thanks

    For now I have made a container image with node installed in it after following some guides
    I enter the project directory and then run this
    podman run -it --rm -p 8080:8080 -v $(pwd):/app/$(basename "$PWD"):z my-node-image:latest

    • @madnificent
      link
      22 months ago

      Looks good to me.

      docker-ember largely automates such a setup with specific mounts for linking node modules from other folders, being able to bind to localhost for when you run the backend on your own machine, and exposing ports for livereload. May include other secret sauce. Some of that is closely tied to EmberJS.

      I’m a fan of using tools you understand. What you show here is comprehensible and sufficient for now👌