• Ephera
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    3 years ago

    Hmm, I don’t really agree with that article. The thing is, publishing something as open-source is trivial.
    But, despite the opposite being written into basically all open-source license (“is provided as-is”), we expect every published piece of software to come with updates ad infinitum.

    And you can’t really plan for it. You can release many pieces of open-source software that no one will ever use. And then one of them happens to become popular by chance and suddenly you’ve volunteered for the role of Benevolent Dictator For Life.

    I guess, you could leave the software published and as-is, i.e. stop releasing new versions, but I’m honestly not sure that’s truly better for the users. By breaking their builds, they’ll know they have to migrate to something else. If you just leave it unmaintained, security problems will creep in and bugs will remain forever unfixed.

  • dragnucs
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    3 years ago

    Builds are breaking all over the world.

    Well this is not so dramatic, only the CI and possible future builds. The previous version and build still do exist. There are also local copies and developers computers and CI server npm cache.

  • Sharmat@beehaw.org
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    In November 2020, Marak had warned that he will no longer be supporting the big corporations with his “free work” and that commercial entities should consider either forking the projects or compensating the dev with a yearly “six figure” salary.

    Honestly, I do think he has a point here. These are corporations that use FOSS to make millions off of it, but contribute nothing back, either in code or in monetary support. While I don’t condone his means to try to get that (i.e.intentionally breaking compatibility), he is morally justified in this request.

  • timbuck2themoon@sh.itjust.works
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago
    1. Any company or even Dev worth their salt would have an artifact proxy so this doesn’t happen.
    2. yeah, js could use an actual standard library so every trivial thing doesn’t need npm.
  • YouLookGraphics
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    3 years ago

    While I don’t really agree with this article, I do think this guy is an idiot.

    Purposefully corrupting two of the most used NPM libraries in existence is gonna destroy the workflows and projects of big tech that are using FLOSS software and not giving back to the community alright, but it will also destroy the workflows and projects of those that DO give back to the community! And even worse, it will teach people to not update no matter what, out of fear of their projects breaking all of a sudden.

    Developing FLOSS software is just a slippery slope over all, with most of the freedom given to the user and not the developer. If you can’t handle that and expect a six figure wage in return of developing these libraries and software in general, don’t enter the world of FLOSS. Stick to your proprietary poo.

    This guy is an asshole.

  • a_Ha
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    3 years ago

    From your article :
    In November 2020, Marak had warned that he will no longer be supporting the big corporations with his “free work” and that commercial entities should consider either forking the projects or compensating the dev with a yearly “six figure” salary.” …😆 ! !

    My small search :
    We’re npm, Inc., the company behind Node Package Manager, the npm Registry, and npm CLI. We offer those to the community for free, but our day job is building and selling useful tools for developers like you. Take your JavaScript development up a notch

    NPM is the repository of all kind packages that you can think of. At this moment, there are 28698 packages in NPM which is a lot for a 4 years old project.
    Hi.[@Ephera](https://lemmy.ml/u/Ephera)i.was.updating.at.the.same.time.you.repled

    • Ephera
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      3 years ago

      There is a popular framework for using JavaScript to write backend applications, which is called Node.js.
      And then for that framework, they created a package manager, the Node Package Manager – NPM.

      Nowadays, NPM is used even for frontend code and independent of Node.js, because there is no real other package manager for JavaScript.

      • el_programmadorOP
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        3 years ago

        There is a popular framework for using JavaScript to write backend applications, which is called Node.js.

        A small nitpick but Node.js is technically a JS runtime (built with V7 engine), not a framework. Express.js is the actual framework that runs on Node.js.