Comment by greener_grass
Comment by greener_grass 6 days ago
So let's put every package under the sun into the client?
This approach does not scale. We should make NPM better.
Comment by greener_grass 6 days ago
So let's put every package under the sun into the client?
This approach does not scale. We should make NPM better.
- NPM could migrate to reproducible builds of artefacts
- Trust could be opt-in by default
- Dependency installation could be made fully reproducible
How do you make NPM better?
BTW I'm not saying we should kill NPM. What I'm saying is we should reduce our dependance on random packages.
Bun doesn't need to add everything into the core engine. Eg: when using .NET you still add plenty of official Microsoft dependencies from Nuget.