Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I was going to ask how this is different than lunr but I just noticed lunr hasn't been updated for almost 2 years now: https://github.com/olivernn/lunr.js


Yeah, but is that because it's unmaintained or because it's finished?


Anything with npm dependencies requires constant updates. The code may be finished but the dependencies publish security updates that need to be pulled in.


It only has devDependencies: https://github.com/olivernn/lunr.js/blob/master/package.json...


Dev dependencies can be a risk factor too. It is code you are running on your own machine after all.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: