• Admiral Patrick
    link
    fedilink
    English
    42
    edit-2
    10 months ago

    I always reel in horror when projects have tiny, ‘negligible to implement yourself’ functions like these as dependencies. See also: is-even 🙄

    Edit: is-even has a dependency on is-odd which has a dependency on is-number. 🤦‍♂️

    • @cbarrick
      link
      English
      1310 months ago

      I think is-odd is intentionally a reference to / satire of leftpad

    • GigglyBobble
      link
      fedilink
      11
      edit-2
      10 months ago

      And the whole implementation of is-number which is at version 7.0.0:

      module.exports = function(num) {
        if (typeof num === 'number') {
          return num - num === 0;
        }
        if (typeof num === 'string' && num.trim() !== '') {
          return Number.isFinite ? Number.isFinite(+num) : isFinite(+num);
        }
        return false;
      };
      
      

      The node.js ecosystem has always been madness.

    • LazaroFilm
      link
      English
      1010 months ago

      At this point it’s just a joke. Is there a npm for console log? I’ll have to check.

    • Pennomi
      link
      English
      10
      edit-2
      10 months ago

      JavaScript is a dangerous shitshow for this exact reason. Dependencies are a security and stability nightmare.

      • Admiral Patrick
        link
        fedilink
        English
        9
        edit-2
        10 months ago

        Eh, I’d say any language that offers a package repository is just as susceptible. I’m neither pro- nor anti- dependency, but I do always try to keep them to an absolute minimum regardless of what environment I’m working in. Sometimes it makes sense to not reinvent the wheel.

        • Pennomi
          link
          English
          910 months ago

          Yes, but other languages have exponentially fewer packages that install when you add something, making the attack vector smaller and easier to monitor.

          The best way to fix this is for library authors to avoid installing as many sub-dependencies as possible (is-odd, being an obvious example). But that’s a fundamental culture problem.

        • Jo Miran
          link
          fedilink
          English
          2
          edit-2
          10 months ago

          This is why I only code in Assembly. /jk

    • Aatube
      link
      fedilink
      410 months ago

      Created by the organization “i-voted-for-trump”

      • Admiral Patrick
        link
        fedilink
        English
        510 months ago

        Lol, I saw that. If you go to their main page, it’s explained that it’s a joke.

        • Aatube
          link
          fedilink
          2
          edit-2
          10 months ago

          Yeah, Trump didn’t even exist in 2014!

          /s

          he never did

          • EmasXP
            link
            English
            110 months ago

            Hah, even!