Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Most of the madness that you're describing there isn't inherent in the JavaScript ecosystem, it's more to do with undisciplined development practices that might be more likely to be enabled by JavaScript's flexibility but are by no means required in order to participate.

Don't use libraries that aren't stable. Aggressively trim dependencies. Lock versions and upgrade intentionally. Ideally, use a company registry to cache what you actually want to be using.

Every ecosystem has its problems, and JS+NPM's are largely that it's too good at making everything too easy, leading to an abundance of naive developers building in a naive way.

On the whole I'll take that over the unnecessary barriers in other ecosystems (don't get me started on pip...), but it definitely requires some discipline to navigate safely.



Can you recommend me basic libraries for full stack dev that don't suffer from this? At least logging, ORM, web request handling, authentication, sessions, bundling (edit: and middleware, because apparently that's a separate library).

In every other language I work in there are 1-2 libraries that cover all of this (except bundling which is only relevant to js) and don't require me to step on the versioning treadmill. If I had the same for JS, I'd be much happier writing typescript.

Edit: for example, this week I had to downgrade a dependency (middy) from v5 to v4 all across our services because jest doesn't support I think ejs well enough and v5 dropped support for all other ways to do modules. It tooks hours of fighting to find the right combination of deleting the lock file, deleting various node_modules dirs and running npm i that actually replaced the installed v5 with v4.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: