On 2016-11-02.07:41, Andrew M.A. Cater wrote: > On Wed, Nov 02, 2016 at 12:04:27AM +0100, Marco d'Itri wrote: > > On Nov 01, Ian Jackson <ijack...@chiark.greenend.org.uk> wrote: > > > > > Can you explain why you don't aggregate these into bigger packages, > > > for use in Debian ? > > Because the node.js ecosystem is toxic and broken in encouraging > > relasing software which embeds very specific versions of lots of tiny > > libraries, and because Debian is ideologically against duplicating code > > in different packages and build systems downloading code ad built time. > > > > -- > > ciao, > > Marco > > I have to agree with Marco on this from a position of being a watcher on > the side rather than an active developer of much from Ruby on Rails / NPM > (and, earlier, helping to support users of the Maven build ecosystem). > > NPM and Node is probably the worst offender - but there's a huge tendency > to create "magic environments" which pull in random bits of code to build > your software. Most Node bits are tiny - occasionally they'll break ABI / > versioning and everything else. This isn't the idea of a stable Debian > package. > > Ruby on Rails is also pretty much the same - Maven was and is the same, with > the added complication of difficulty of knowing what you get in millions and > millions of parts when the build system hides dependencies and is automagic.
Actually, node is in a league of its own in this regard: http://www.modulecounts.com/ -- Regards, Scott.
signature.asc
Description: Digital signature
