I'm in the position that I actually find npm / yarn the best ecosystem. Whenever I use something else I always end up stubbing my toe into something thats missing / feels wrong.

Ex. Cargo seems to neither have a concept of devDependencies nor peerDependencies.

@zkat__ I also can't understand why it wouldn't have an "add" command to add a new dependency. And I'm no fan of Toml, json is greate (easy to parse and build tooling around), and the better option in my opinion would be json5.
@zkat__ C / C++ seems to just not have language package managers. The linux / bsd crowd seem to have decided that the system package manager also should be the language package manager. Which might have been fine if every Linux distro used the same system package manager.
@zkat__ Instead we end up with a N x M problem. Where we have a bunch of different operating systems and they all support multiple system package managers. So there's no easy way of distributing, referencing and updating C / C++ packages.
@zkat__ It is also my opinion that the compiler / runtime should be a package dependency. I don't like Rust's split between rustup and cargo (they should have been one tool). Similarly it would be better if you added Node as a dependency to package.json, that way we wouldn't need NVM.
@zkat__ Lock-files are great, but I'm always surprised that they aren't built in a way so that Git can more easily automatically resolve merge conflicts. Maybe package managers could supply a Git hook for fixing merge conflicts in lock-files?
@zkat__ I'm not to happy that Cargo doesn't have a dedicated command for downloading dependencies. I don't want it to download all its dependencies when I run the build, I would want to do that beforehand as its own step. How else am I to cache the dependencies in buildpipelines / Docker
@zkat__ I still don't know how Go handles its dependencies. Whatever they did with requiring a GOPATH when it first came out was horrible. I feel like any new programming language that comes out should solve their package management first before releasing something into the public.
@zkat__ In fact I feel like any new programming language should be built around package management! Semver is okay, but not great. There should be no reason to manually have to set version numbers. But that would mean that the compiler would have to come up with a version number.
@zkat__ That should be possible if the language was built around supporting it.
@zkat__ I feel like every package manager should have a command to output their dependency tree as a graphviz Dot file, so that you could easily graph it. Especially if you have a monorepo with multiple workspaces.
@zkat__ And why don't package managers come with petter tooling around reviewing and upgrading dependencies? Let me easily get a list of dependencies and filesize. Give me a linter to ensure that packages gets updated.
@zkat__ Let me set max size for libraries so that I can ensure that I don't pull in to big libraries.
@zkat__ Yarn Berry's idea of committing the yarn executable to the Git repo so that it to is versioned (and therefor is versioned between developers / CI servers) is a great idea! How well it works in practice I have yet to see.
@zkat__ I'm not a fan of Yarn keeping a single lock file for all of it's workspaces in a monorepo. It makes building things inside docker a bit weird, it creates more opportunities for merge conflicts. I feel like there should be a better solution for this.
@zkat__ Lock-files in general feel like they store to much information. There should be an algorithm to reduce what information is needed, and to find a minimal set. I remember seeing a project that supposedly fixed this in another ecosystem.
@zkat__ This came out as a bit of a rant, I'm afraid that I could keep going for quite a while. Feel free to hit me up if you'd like to talk more about this. Then again you probably have know a lot more than me about all this having worked with building this kind of stuff.
@zkat__ @UnrollHelper

More from Tech

After getting good feedback on yesterday's thread on #routemobile I think it is logical to do a bit in-depth technical study. Place #twilio at center, keep #routemobile & #tanla at the periphery & see who is each placed.


This thread is inspired by one of the articles I read on the-ken about #postman API & how they are transforming & expediting software product delivery & consumption, leading to enhanced developer productivity.

We all know that #Twilio offers host of APIs that can be readily used for faster integration by anyone who wants to have communication capabilities. Before we move ahead, let's get a few things cleared out.

Can anyone build the programming capability to process payments or communication capabilities? Yes, but will they, the answer is NO. Companies prefer to consume APIs offered by likes of #Stripe #twilio #Shopify #razorpay etc.

This offers two benefits - faster time to market, of course that means no need to re-invent the wheel + not worrying of compliance around payment process or communication regulations. This makes entire ecosystem extremely agile

You May Also Like

Department List of UCAS-China PROFESSORs for ANSO, CSC and UCAS (fully or partial) Scholarship Acceptance
1) UCAS School of physical sciences Professor
https://t.co/9X8OheIvRw
2) UCAS School of mathematical sciences Professor

3) UCAS School of nuclear sciences and technology
https://t.co/nQH8JnewcJ
4) UCAS School of astronomy and space sciences
https://t.co/7Ikc6CuKHZ
5) UCAS School of engineering

6) Geotechnical Engineering Teaching and Research Office
https://t.co/jBCJW7UKlQ
7) Multi-scale Mechanics Teaching and Research Section
https://t.co/eqfQnX1LEQ
😎 Microgravity Science Teaching and Research

9) High temperature gas dynamics teaching and research section
https://t.co/tVIdKgTPl3
10) Department of Biomechanics and Medical Engineering
https://t.co/ubW4xhZY2R
11) Ocean Engineering Teaching and Research

12) Department of Dynamics and Advanced Manufacturing
https://t.co/42BKXEugGv
13) Refrigeration and Cryogenic Engineering Teaching and Research Office
https://t.co/pZdUXFTvw3
14) Power Machinery and Engineering Teaching and Research
🌺श्री गरुड़ पुराण - संक्षिप्त वर्णन🌺

हिन्दु धर्म के 18 पुराणों में से एक गरुड़ पुराण का हिन्दु धर्म में बड़ा महत्व है। गरुड़ पुराण में मृत्यु के बाद सद्गती की व्याख्या मिलती है। इस पुराण के अधिष्ठातृ देव भगवान विष्णु हैं, इसलिए ये वैष्णव पुराण है।


गरुड़ पुराण के अनुसार हमारे कर्मों का फल हमें हमारे जीवन-काल में तो मिलता ही है परंतु मृत्यु के बाद भी अच्छे बुरे कार्यों का उनके अनुसार फल मिलता है। इस कारण इस पुराण में निहित ज्ञान को प्राप्त करने के लिए घर के किसी सदस्य की मृत्यु के बाद का समय निर्धारित किया गया है...

..ताकि उस समय हम जीवन-मरण से जुड़े सभी सत्य जान सकें और मृत्यु के कारण बिछडने वाले सदस्य का दुख कम हो सके।
गरुड़ पुराण में विष्णु की भक्ति व अवतारों का विस्तार से उसी प्रकार वर्णन मिलता है जिस प्रकार भगवत पुराण में।आरम्भ में मनु से सृष्टि की उत्पत्ति,ध्रुव चरित्र की कथा मिलती है।


तदुपरांत सुर्य व चंद्र ग्रहों के मंत्र, शिव-पार्वती मंत्र,इन्द्र सम्बंधित मंत्र,सरस्वती मंत्र और नौ शक्तियों के बारे में विस्तार से बताया गया है।
इस पुराण में उन्नीस हज़ार श्लोक बताए जाते हैं और इसे दो भागों में कहा जाता है।
प्रथम भाग में विष्णुभक्ति और पूजा विधियों का उल्लेख है।

मृत्यु के उपरांत गरुड़ पुराण के श्रवण का प्रावधान है ।
पुराण के द्वितीय भाग में 'प्रेतकल्प' का विस्तार से वर्णन और नरकों में जीव के पड़ने का वृत्तांत मिलता है। मरने के बाद मनुष्य की क्या गति होती है, उसका किस प्रकार की योनियों में जन्म होता है, प्रेत योनि से मुक्ति के उपाय...
The entire discussion around Facebook’s disclosures of what happened in 2016 is very frustrating. No exec stopped any investigations, but there were a lot of heated discussions about what to publish and when.


In the spring and summer of 2016, as reported by the Times, activity we traced to GRU was reported to the FBI. This was the standard model of interaction companies used for nation-state attacks against likely US targeted.

In the Spring of 2017, after a deep dive into the Fake News phenomena, the security team wanted to publish an update that covered what we had learned. At this point, we didn’t have any advertising content or the big IRA cluster, but we did know about the GRU model.

This report when through dozens of edits as different equities were represented. I did not have any meetings with Sheryl on the paper, but I can’t speak to whether she was in the loop with my higher-ups.

In the end, the difficult question of attribution was settled by us pointing to the DNI report instead of saying Russia or GRU directly. In my pre-briefs with members of Congress, I made it clear that we believed this action was GRU.