It looks like “is-number” was never more than a few simple lines of code. It still has 68 million downloads per week.
https://www.npmjs.com/package/is-number
I checked one of our main projects at work, and it’s in there as a dependency 6 levels deep via the “sass” package.
I’ve literally told my coworkers “I’m not saying we should never use dependencies. But every time you add a dependency, you should hate yourself a little bit more. Some self flagellation can’t hurt either.”
So, every time I use a library to recognize patterns on a picture, to interact with Kafka, do some SSL, or do database mapping, I should hate myself, noted
We did Elastic API integration in Java by creating and maintaining huge half-codegenerated transformer from code to Elasticsearch’s JSONs, it was a pain and it was source of more than one error
Dependences should be reviewed and audited to make sure they do what you need and they are worth using. Just making everything in-house gets you nowhere most of the time
You code in Java, of course you should self flagellate on a daily basis just for that. The entire ecosystem is completely fucked.
Note that the PR was later merged by a member who got fed up with his colleagues.
And who hasn’t contributed any code to this particular repo (according to github insights).
Not familiar with this exact team, but a skilled reviewer/issue triager is useful. We can hope this person at least tested the changes.
The only two people arguing against the change were both authors/contributors of is-number lol
How many contributors could there possibly be
3, about two lines per contributor
Link to the PR? The PR description and the comment somehow contradict each other. Or I am stupid. Or the commenter.
I tried to edit the ‘highlights’ into a single image, the top is the description of the PR, the middle is a comment replying to another comment
Thanks!
What a shit show.
Another day of being extremely thankful I decided not to learn JavaScript
Look at what you’re missing!
Edit: also,
is-odddepends onis-number
