this post was submitted on 31 Jul 2024
741 points (99.3% liked)

Programmer Humor

19817 readers
259 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 26 points 4 months ago* (last edited 4 months ago) (2 children)

It handles a few weird edge cases, mostly. Only 7 meaningful lines of code and almost 70M downloads week!

[–] [email protected] 28 points 4 months ago (1 children)

Sadly, it's a stupid dependency of a lot of things.

Just ran npm explain is-number on one of my projects, and it's a dependency of to-regex-range which is a dependency of fill-range which is a dependency of....and so on up the chain.

I was hoping I wouldn't find that in there, but alas, it is.

[–] [email protected] 34 points 4 months ago (1 children)

Given that this screenshot is about to-regex-range I think they might be on to something!

[–] [email protected] 23 points 4 months ago

🤦‍♂️😆

Didn't even catch that in the screenshot. lol

[–] [email protected] 8 points 4 months ago* (last edited 4 months ago) (1 children)

I don't get the concept that depending on 7 lines of code from a third-party package is remotely acceptable. It's expanding the potential attack surface to save a dev from templating 7 lines of boilerplate. There's no net benefit or appreciable time saved.

I'm glad I don't have to deal with this regularly.

ETA: The package is even MIT licensed! There's no excuse but laziness and not wanting to understand the code to import this rather than inlining or implementing a novel version. If I can spend the time to write:

if err != nil {
  slog.Warn("well shit", "error", err)
  return err
}

after every function call...I just didn't get it.

[–] [email protected] 5 points 4 months ago

You’re right, it’s not sane! The js ecosystem is hell