
Npm 'isntall' - avinassh
https://github.com/npm/npm/issues/2933
======
makecheck
This seems “helpful” but here’s what I think will happen: a few people will
accidentally write scripts that depend on the typo version, then a future
maintainer of NPM will scrap this feature and cause those scripts to break.

Rather than promoting multiple interfaces, pick one correct name and force
people to use it. And this isn’t just for typos; in Subversion for instance,
it is ridiculous that "svn blame", "svn praise" and "svn annotate" all refer
to exactly the same operation. Which probably means that someone has to make
sure "man" page queries with any of those names will all work, etc. Useless
extra effort.

I set up shell aliases for typos that I find _myself_ making frequently, which
are probably not the same typos that other people make. In the case of "npm
install", there are probably a series of equally-probable ways to make a
mistake: "onstall", "nistall", "unstall" or heck even "instal". Therefore,
don’t cater to any of them. Let me fix my own typos in my own shell, and don’t
give people a chance to introduce those things into scripts.

~~~
drvdevd
Yes, I agree and also thought of shell aliases when I read this. On top of
that there's an argument forming somewhere in my mind that this also sets a
bad _security_ precedent in the long term... although I can't put my finger on
it exactly. Any place where you unnecessarily widen the range of possible
inputs (especially in a shell interface) seems to invite future abuse. For
example, what if some future maintainer decides to make this a regex match?

~~~
drvdevd
Or perhaps the more obvious: you try to _disallow_ 'npm install' in some
limited environment but allow other npm commands?

------
avinassh
Related:

'unisntall' \-
[https://github.com/npm/npm/issues/6095](https://github.com/npm/npm/issues/6095)

'verison' \-
[https://github.com/npm/npm/pull/6832](https://github.com/npm/npm/pull/6832)

