veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

299
active users

#npm

10 posts10 participants0 posts today

Package Manager for Markdown

I'm working on a project that is intended to encourage folk to make markdown text files which can be bundled together in different bundles of text files using a package manager.

Question for coders; Which package manager would you suggest I use?

Main criterias (in order) are:

1. Easy for someone with basic command line skills to edit the file and update version numbers and add additional packages.

2. All being equal, more commonly and easy to setup is preferred.

#Markdown #CommonMark #PackageManager #Programming #Dev
#NPM #RubyGems #Cargo #PickingAMastodonInstance
#Ruby #Python #Rust #Javascript #NodeJs #Lisp #CommonGuide

OF LIMBO Share Homage To Van Halen With "Finish What Ya Started"
OF LIMBO are sharing a fun new homage to Van Halen with their acoustic version of the classic “Finish What Ya Started”.  It’s the 2nd release from the California band off their upcoming “Unplugged” album, which will be released this summer.

Recorded at the band’s home studio in Long Beach, their...
comiccrusaders.com/editorial/o
#of limbo #rock #music #npm pr

In today's Supply Chain News ...

Eleven oooold npm packages were hijacked to steal API keys. Wonder how many of them jise are just sitting on n someone's built pipeline with "latest" as the version parameter?

sonatype.com/blog/multiple-cry

h/t to SonaType for the top notch research.

#supplychain
#npm

www.sonatype.comMultiple crypto packages hijacked, turned into info-stealersMultiple hijacked npm cryptocurrency packages exfiltrate sensitive environment variables via obfuscated scripts and pose risks to open source ecosystems.

@henry Having (almost fully) switched to #NodeJS in 2012, I quickly recognized the danger of relying to _anything_ (#npm included, this one gave me a lot of pain for several times over the years).
Ended up with a monstrous monorepo. Forked (and improved) just 2 other people's repos, one abandoned and one that took months to finally get it right regarding garbage collection, but I had no time to wait.
Thereby I never got to a situation to hate a programming language because of the hype around it, but it surely got me coding a ton of #javascript.
The experience helped me a lot in JS5=>ECMAScript and ECMAScript=>TypeScript switching in the last year or so.

Out of pure curiosity, and because I'm on that #webdev #framework discovery tip. Heck, this project even made me download an IDE for Android lol

Just to read `install.bin` - which is an sh script.

Excuse me, but why are you bundling #nodejs and #npm? Is it to facilitate a setup process for containers, or is it merely to make the process easy?

I'm a bit sceptical to that sort of thing, especially when fetching from a vendors domain directly.

Any plans to build packages via CI?

@aral @andre