On Wed, Nov 02, 2016 at 12:04:27AM +0100, Marco d'Itri wrote: > On Nov 01, Ian Jackson <ijack...@chiark.greenend.org.uk> wrote: > > > Can you explain why you don't aggregate these into bigger packages, > > for use in Debian ? > Because the node.js ecosystem is toxic and broken in encouraging > relasing software which embeds very specific versions of lots of tiny > libraries, and because Debian is ideologically against duplicating code > in different packages and build systems downloading code ad built time. > > -- > ciao, > Marco
I have to agree with Marco on this from a position of being a watcher on the side rather than an active developer of much from Ruby on Rails / NPM (and, earlier, helping to support users of the Maven build ecosystem). NPM and Node is probably the worst offender - but there's a huge tendency to create "magic environments" which pull in random bits of code to build your software. Most Node bits are tiny - occasionally they'll break ABI / versioning and everything else. This isn't the idea of a stable Debian package. Ruby on Rails is also pretty much the same - Maven was and is the same, with the added complication of difficulty of knowing what you get in millions and millions of parts when the build system hides dependencies and is automagic. Not everyone is well disciplined: most Linux distributions seem to have given up in disgust so we have parallel ecosystems which don't trust or understand the other - but you need a Linux distribution to be able to run it. Meh All the best Andy C.
