Hacker News new | past | comments | ask | show | jobs | submit login

Other popular mainstream languages don't need a "leftpad" package in the first place.



JS didn't need it either. A dev made the library, shared it, and some developers decided to use it. That's on them. Nothing about JS made it necessary.


Also, here's how to publish a package:

    mkdir my-package
    npm init
    npm publish


Same with Rust. Any language with a package manager has this issue.

    cargo new my-crate
    cargo login ...
    cargo publish


Node has a more robust standard library than Rust, which forces devs to download third party libraries to compute a regular expression or generate a SHA-256.

For now Node is a richer target due to its popularity but the same issues will hit any language ecosystem that suffer the same flaws should they become popular.


"Third-party" isn't really correct for regex: https://github.com/rust-lang/regex (note the org)

Rust's stdlib is deliberately small in order to allow it to have very strong stability guarantees.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: