Vendor by Default (2021)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • is-odd

    Discontinued I created this in 2014, the year I learned how to program. All of the downloads are from an old version of https://github.com/micromatch/micromatch. I've done a few other things since: https://github.com/jonschlinkert. (by i-voted-for-trump)

  • I think that this approach would cut down the amount of JS dependencies significantly. Things like is-even and is-odd come to mind. You don't want another leftpad or colors.js to happen to you and minimising dependencies is the most effective strategy to accomplish that.

    So many leaf dependencies I've looked into are no more than a Stack Overflow answer in a JS file accompanied by six or seven metadata files (package.json + typescript files + linter config + readme + git config + ...). This file: https://github.com/i-voted-for-trump/is-odd/blob/master/inde... is downloaded over 400000 times per week (https://www.npmjs.com/package/is-odd) and while I don't have anything against the author for publishing a helper function, I don't see why I would expose my project to risking a supply chain attack for something so minor. Here's another, with millions of downloads: https://github.com/inspect-js/is-date-object/blob/main/index...

    I know that these are all downloaded so often because they're dependencies of dependencies, but I'd appreciate it if bigger libraries would provide a vendored version of their packages that just collects these microdependencies instead of wasting npm's time by making it manage these tiny helper files. Don't vendor stuff like React or Vue or whatever framework you prefer, but for the love of God don't add a dependency for 50 lines of code. Sometimes copy/paste is the right solution.

  • is-date-object

    Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.

