We didn't censor any comments; we did no moderation of any kind today. I have no idea what happened to his comment, but nobody at npm did anything to it.
(Update: I remembered I wrote http://seldo.com/weblog/2013/09/04/why_i_am_a_web_developer a while ago, which should give some indication about how I feel about censoring the web)
The internet is a weird place like this, where mobs can assemble in hours and stick you on their pitchforks for an imagined slight before you know what's going on. That's just the way it works, unfortunately, and the tech crowds are no exception.
To those who actually appreciate what these guys are doing: now would be a good time to pipe up and show that you support them and are not represented by the vocal minority who's currently getting all the spotlight!
It seems worth investigating and would set many of the skeptics at ease to know that it truly was not moderated by a NPM member.
Freedom of speech doesn't mean you get to go into someone's house and shout in their face.
"Do not display a comment once it is flagged [Off/1 time/3 times/5 times/10 times]"
IMHO the allegedly moderated comment didn't have anything that hasn't been said in hundreds of other places (except perhaps the cheap shot about them smoking something)
Make a mistake and deploy a backwards-incompatible change? Thats negligent. However, mistakes happen and I understand that. (An apology would be nice.)
But deleting the most important and insightful comment is damn-near unforgivable. Especially when such a note was so reasonable, even-tempered and had such empathy for the npm maintainers.
As of today, I don't really trust npm, and trust is considerably important for package managers. If they expect to earn any of my respect back, it would take a sincere apology.
Your outrage seems rather misplaced. They screwed up their certificates, which caused a problem for people running the non-latest-stable nodejs.
They then posted how to fix this, and apologised for the problem.
Note to the wary: if you are running software that is version 0.10.25 in production, and complaining that things aren't "Ready for enterprise" then all I have to say is "no shit, look at the version number!"
If you aren't ready/willing to deal with a fast moving deploy target, then stick to Ruby/Python or better still JVM/.Net!
I hadn't seen the seldo's apology when I posted, but they do seem very honestly apologetic. Like I said, I have nothing against them messing something up time and again, especially something that shouldn't break responsible production environments. Everybody makes mistakes.
The big red flag to me was the deletion of Rob's criticism. I know they must have been very stressed out, but it wasn't a good move. The industry needs to question if we can rely on these people, and kneejerk reactions like that don't earn any trust.
Nobody can deny that trustworthiness is a touchy subject as npm transitions into a real company. Node developers rely on the reliability of thier development stack, and the reputation of node is largely in the hands of this organization. As npm changes and becomes more opaque, it will become harder for the open alternatives to keep up. If npm gets messed up, node does too. For developers working on production node projects, there is certianally something to loose. If the time comes that npm does need to be forked, the path forward will certianally be a bumpy one.
For the time being, I continue to trust npm for my js modules (and even with my "life", considering I have a few -g installed modules.) Like I said, developers working on node projects don't have much choice, but after reading their apologetic response I will continue to trust npm.
Sure do, enjoying them every day.
For more info on semantic versioning: http://semver.org/spec/v2.0.0.html
Your point regarding npm itself being beyond 1.0.0 is fully valid, I just wanted to clarify the reason for certain expectations existing based on version number.
But "enterprise readiness" (whatever that means) which is what Rob the random commenter was talking about in his comment, seems silly on a runtime that is below version 1.0
Yes npm is 1.4.4, but node is 0.10.25. So an expectation of ANYTHING being "production ready" on a non-production ready runtime seems fraught.
I get that nodejs is high quality and it is run in production all over the place (I myself run it, and even meteor in production applications). But I understand there are risks and it's a fast moving target.
and today has no money:
but doesn't want to work for another "shop beholden to the weakness of its internal IT":
It's difficult to have a ton of sympathy, but it's still just an overall sad situation.
Hmm...Life guidance. I don't know.
Sometimes a technology's biggest detractors are its most fervent adherents. The drama, fuss, immaturity and irrationality is just off-putting and screams to everyone else "Do you enjoy drama? Do you want to be in the middle of trolling wars on Twitter? Please join us, just Node.js it all comes with it as part of the package!".
This is isn't the only thing. The drama with Joyent fake firing that person who didn't want to accept some doc updates. Is that all, I maybe wrong, but there is just no end to immaturity and drama. The people and culture associated with this technology is off-putting to me. Maybe others love it, good for them.
And the catch all is of course Steve Balmers sweaty speech...
C is a different kettle, I suspect it had it's drama time, but the internet wasn't around to amplify it.
Go and Erlang combined communities are a fraction of Node, python, ruby ones (individually).
Those that read into internet ranting and call it drama or immaturity, are simply displaying their own maturity. The vast majority of people in these communities are mature professionals... now and then you get a blowup, that isn't a reflection on the technology or community but the individuals involved.
> I decided not to fight for changing something for the better today and quit. Why do companies lie? Why do ppl fear change?
I am not wise enough to be called a source of wisdom...but if you are in IT, and your company is not actively poisoning children or criminally violating you, do not quit out of professional principle without a backup plan.
It's an interesting thing to read through after reading the other HN article "We have luxurious jobs but we are not ware of it" .
> Thanks for reaffirming my commitment to not read up about an author/user/submitter other than in regards to the opinion/assertion made at hand...
Oh dear, down the rabbit hole I go...
As far as I can tell, it seems to be about IT not supporting MongoDB and him not wanting to use *SQL.
> I will key=value a BLOB in your row. Good luck reporting that. I am NOT dealing with tables. It's 20 the fuck 14.
More context: https://news.ycombinator.com/item?id=7320833
Oh, boy. A DSL line isn't sufficient to handle 150 people accessing the site right now. It may be slow, but it's not going to go down. It's powered by Node, the nodejs process is only using 56MB of RAM and about 40% CPU. I'm fine. My bandwidth is simply depleted. Have patience, and thank you for visiting. I need some bandwidth and a budget. Wow.
So the price is slightly less, but the value for money isn't good with the home solution. Then again, unemployed people are sometimes known to make suboptimal economic decisions in terms of expected value, because they're optimizing for other things (e.g. being able to switch off a cost mid-month).
Running a home server is fun, but not the best choice if you're publishing content to the outside world.
Case in point: https://status.github.com/messages/2013-11-13 (due to https://news.ycombinator.com/item?id=6722197)
I agree that from a business perspective, a VPS is the obvious winner. You don't get redundant hardware and fast internet at home for the same price as you can with a VPS. And if something goes down, you needn't be the one on call: your host fixes it all for you. But for personal hosting that doesn't need someone on call, I prefer hosting my own stuff.
And, especially on DSL internet, it's much nicer to have your data and backups in the LAN instead of having to up/download it all through that pipe. So if you have a server at home anyway, no need to get another VPS really.
When that security bullshit happened with RubyGems a year ago, many members of the Ruby community pitched in and helped the RubyGems team get the site back in order, even making Chef scripts so the whole thing is repeatable. Now, RubyGems is more secure and runs faster than ever.
> Powered by Pulsar
For various definitions of 'powered'.
He says Node and/or Pulsar are doing well enough (150 connections using ~50 MB of RAM and 40% CPU)- apparently he just doesn’t have enough bandwidth to get everything out to everyone.
I really like that, and fits so well for some FOSS projects.
However, Isaac has been hellbanned...I'll repost just to give him the benefit of the doubt:
> We didn't moderate away anything. I am literally the only person who CAN moderate those comments, and I was at a conference all day. 100% of my online time was spent working with my team to figure out the fastest path to a fix. We didn't realize the extent until way too late, and that's bad on us. I apologize. I didn't delete your comment. I'll look at the moderation queue and see if maybe disqus is set to auto-hide after some time or something. I'm sorry for the confusion there.
I eliminated almost all my comment spam by writing a custom version of the Growmap Anti-Spam plugin.
Incidentally, if anyone here was actually affected by this, they put up a reasonable explanation / apology / useful-resolutions blog post that no-one seems to be paying attention to: http://blog.npmjs.org/post/78165272245/more-help-with-self-s...
"I'm awesome because I built this kick-ass system."
"Yes, well, this system isn't working very well."
"Well it's not like I tried very hard."
The comment thread on his post is a trainwreck. The guy needs to learn when to shut his mouth. He even comes across as a total hot-head in the description of his last job on his resume. I'd feel kind of bad for him if he wasn't being such an asshole.