Rob Fahrni


Code Bomb 💣

AHHHHHH!

Daring Fireball: “The way the Node community works, just blindly slurping in other people’s package updates without knowing what’s in them, continues to boggle my mind.”

In one of yesterday’s posts I referred to the React Native community as loosey goosey.

The Node.js community is one of the reasons why.

Always pin your dependencies.

Heck, I’ve worked on projects where we’ve committed binaries, after doing a ‘pod install’, to the repo so we wouldn’t get an accidental update. Folks understood not to install stuff in their local build so we wouldn’t get random crap.

Another thing I’ve done is just include the code right in my project, no dependency manager. Especially if the code is really small.
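One way to check the pinning advice above against a Node project, as an added example that is not from the original post: it flags every specifier in a package.json that is not an exact version. The manifest, package names and function names are constructed for illustration.

```javascript
// Added example: report package.json dependency specifiers that are not
// pinned to one exact version. All names and versions below are constructed.

const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

// One exact semver, e.g. 1.2.3, =1.2.3, v1.2.3, 1.2.3-rc.1, 1.2.3+build.5
const EXACT = /^=?v?\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;

// Returns null when the specifier is pinned, otherwise the reason it floats.
function whyNotPinned(spec) {
  const s = spec.trim();
  if (EXACT.test(s)) return null;
  if (s === "" || s === "*" || /^x$/i.test(s)) return "no version constraint";
  if (s.startsWith("^")) return "caret range: newer compatible releases float";
  if (s.startsWith("~")) return "tilde range: newer releases float within the range";
  if (/[:\/]/.test(s)) return "URL, git or alias source: review by hand";
  return "range or dist-tag: resolved at install time";
}

// Takes the text of a package.json and returns one finding per floating entry.
function findUnpinned(manifestText) {
  const manifest = JSON.parse(manifestText);
  const findings = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(manifest[section] || {})) {
      const reason = whyNotPinned(String(spec));
      if (reason) findings.push({ section, name, spec, reason });
    }
  }
  return findings;
}

// Constructed sample manifest (hypothetical package names).
const SAMPLE = JSON.stringify({
  name: "example-app",
  version: "1.0.0",
  dependencies: {
    "left-lib": "4.17.21", "some-ui": "^18.2.0",
    "tiny-util": "~1.0.3", "anything": "*",
  },
  devDependencies: {
    "test-runner": "29.7.0", "forked-tool": "github:example/forked-tool",
    "nightly": "latest",
  },
});

for (const f of findUnpinned(SAMPLE)) {
  console.log(`${f.section}: ${f.name}@${f.spec} -> ${f.reason}`);
}
```

Exact versions in package.json pin only direct dependencies; the lockfile, installed with `npm ci`, is what fixes the transitive ones.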

Anywho, enough of the Development World According to Rob. 😄