JS on the backend was a mistake.
Typo squatting is not unique to JS.
Comment on Roblox Game Devs Duped by Malicious npm Packages
colonial@lemmy.world 1 year ago
At some point, npm supply chain attacks are going to stop being news and start being “Tuesday.”
… JS on the backend was a mistake.
JackbyDev@programming.dev 1 year ago
colonial@lemmy.world 1 year ago
True, but it’s uniquely bad in the JS world. Developers tend to rely on libraries in almost cartoonish excess.
- The language is shit in general, leading to an endless parade of frameworks and packages designed to paper over the sore spots.
- The lack of a well-rounded One True Standard Library™ means lots of trivial functionality needs to come from somewhere.
- Micro-dependencies are commonplace, leading to bloated dependency trees. I’d guess this is caused by a combination of both culture and the fact that you often want your JS artifacts to be as lean as possible.
noli@programming.dev 1 year ago
JS was a mistake.
kattenluik@feddit.nl 1 year ago
It wouldn’t have been if it kept to the original purpose of some simple tasks and such, but we can’t have nice things.