
The Node.js Ecosystem Is Chaotic and Insecure - jaxondu
https://medium.com/commitlog/the-internet-is-at-the-mercy-of-a-handful-of-people-73fac4bc5068
======
jeremychone
Agree about the silliness of some npm modules, however, after 20 years of
building enterprise application in Java, I find NodeJS / npm / TypeScript
refreshing and a surprisingly robust platform to develop serious backend
services.

For example, many libraries are better maintained in the npm/node world than
in Java. For example, Node's Google SDK , feels well throughout and
maintained, while its java counterpart is cumbersome to use and actually out
of date. Java Google Bucket SDK supports all legacy privilege only, whereas
the node has to be expected support.

For image processing, finding any well-maintained image processing library in
Java is a pain, and at the end, we are back to using something that binds to
C++. In node, because the default is binding to C++ for those kinds of things,
you have very robust implementation from OpenCV wrapper to sharp binding to
libvips.

So, all in all, we have found that we have more chance to find a well
maintained high-quality module in npm / node world than in the Maven / Java
one. Yes, it was counter-intuitive to us a well, but we have learned the hard
way.

