Absolute state of javascript ecosystem

Point at them and laugh!

>Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)
theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/
github.com/dominictarr/event-stream/issues/116

fuck javascript, fuck github, fuck npm and absolutely FUCK niggers

>limp-wristed onions guzzling non-confrontational """male""" hands publishing rights to some literal who chinese user but leaves his name on the repo so he can get blamed for the bytecode injections

kek

the virgin maintainer
the chad ninja turtle

lol

hahah

>Java script

if (javascript=true)
(execute YIKES.exe)

People who post shit like pic related don't get it. It would have been easier and better for the maintainer to do nothing and let the project die. If you have a free water fountain that you can't run any more, close it. Don't hand it over to a cholera-infested random hobo.

why not just use C then?

...user posted in a security thread.

>le C has 369 vulnabritiers from each line of code

fucking lmao

Aside from shilling rust he's basically espousing the libertarian view. TANSTAAFL and the view that he owes people something is 100% an onion view.

> npm list event-stream
> ...
> | +-- event-stream@3.3.4
Well, i guess the fact it affects 3.3.6 and not my 3.3.4 means i care less too, oh and crypto is a stupid meme.

blessed first post

But that wouldn't be very inclusive, would it? Here in the node community we give access to anyone asking even if it means more vulnerabilities. Security is secondary to inclusiveness.

based and firstpostbestpostpilled

Makes me want to improve my js skills so I could go and fuck those idiots over real hard.

Shame you've got no skills to improve and you wouldn't in any way fuck them over.

what is this shilling kek

Every time.

You're so full of shit. You and half that github thread are acting like node users personally trusted this guy. Who gives a fuck if he gives the package away, you have no idea who the maintainers of the other 5000 packages in your node_modules are either, and any level of blind trust to the whole shitshow is equally stupid.

Good thing I use a coin that's mainly secure and doesn't have this problem.

>make free software
>internet fags trust you for no reason, and expect you to maintain it forever

>make free software
>people just want to throw it in their project with no idea what is in it
>don't have the capabilities to pick up the development once the original author has moved on
>these people are paid money to do this

I don't understand. Anyone who has released anything slightly popular on GitHub knows the horrors of "programmers". Blows my mind. This entire industry is basically a house of cards and the builders are a bunch of literal sloths.

>problem has nothing to do with the language but the ecosystem
>rust shill shills anyway
when do they learn?

Based and redpilled.

...

Is there any way to use tldr pages without nodejs? Are there any cool alternatives to the former?

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.


Enjoy your open source software, faggots.

It's just a matter of time before the same thing happens to rust. Cargo is just a npm that doesn't use as much space on your disk.

I don't see anything wrong with it.

cargo install tealdeer

I think Golang proved it right: you can make a meme language based on stripping out features from an ancient language and people will be comfortable with it. We know that most programmers are not there in terms of performance (IQ), so I propose making:

C-
Let's start brainstorming, I start: we remove for and while and do loops, the only approved loop is for.
Semicolons are not needed if at the end of the line we insert an Enter

No different from closed source and the last one is paid.

>said "open sauce provided as is" is used in some of the biggest closed sauce projects
stupid pikachuposter

>Go
>40x FFI cost

based

this is why I moved on to .net core.

>downloading precompiled binaries
>b-but its open sores
Good riddance

explain

Trusted computing (whether open or closed source) was a mistake.

>Trusting a tiananmen square to not include malicious code or a Bitcoin miner.

Serves them right.

>No different from closed source
You can sue the author of proprietary software. This is why EULAs/license agreements are so huge and keep growing with every new release.

xd

> frogposter not being a faggot
Based.

Most languages won't have JavaScript's/NPM's ridiculous dependency trees. In part this is due to cultural differences (10-line packages are generally unacceptable outside of NPM), but most importantly because those other languages have a standard library.

Based and redpilled

If I give out free ice cream, and some asshole who's helping me sticks razor blades in it, just because someone who got some didn't pay me for it doesn't mean they don't have some legal right to sue my ass

If you gave out free analogies, but the analogies were bad because software and ice cream are regulated differently and it was possible to sue someone for offering a bad analogy, you'd get sued.

>That atrocious niggerlicious code
shameful

> What is consumer protection

Honestly CI vendors could make a killing with this.
>trust in open sores projects gets hit by this
>sell a CI service to scan builds for miners
>projects that use and pass this service get to certify themselves as miner-free

>assigns javascript to true
yeah ok

thanks senpai

>scan builds for miners
The backdoor was custom-written. Solving this in the general case requires AGI, and specific filters can be worked around. Basically, you're reinventing the anti-virus and all the concerns apply.

based chinks