Struggling with this right now at my current job as one of four lead devs tasked with implementing our design system with using a React component library.
I am of the opinion that we only theme the components and provide snippets for how to use them for larger UI elements; the rest are of the mindset that we should be building more components in addition to the library for simple things like: a button that has a chevron in it for dropdown menus; a specific component for combining a tooltip with an info icon; a dialog with just an okay button, in addition to the dialog with both cancel and okay buttons; etc. etc.
Just the other day I got flak for saying no to accepting another version of a tooltip that had a different icon -- what's hard about using the tooltip with the icon you want...
Why does he even need to apologize? If anything, npm should apologize and thank him for revealing a huge issue in their unpublishing policies unmaliciously.
I think there's a point when you're trying to do something really stupid and hack around the defences (e.g. rate limits and package JSON file sizes) that it's no longer an accident.
I’ve started thinking package management has too much trust now. Ideally, but probably unpractically, projects should check in their packages like they used to under /lib or /third_party, and be much more suspicious of new package dependencies.
Basically, you would need to start accepting that you are responsible for any dependencies you choose to include. Any upstream changes you would need to evaluate and bring in or patch yourself.
Definitely an impossible task given how broad and deep modern package dependencies are, but at least you’d start feeling the insanity of having all if them in the first place :P.
If NPM made some tweaks this might become trivial. Keep a node_modules/packagefiles with all the .zips that you commit to your source control. The expanded files can be kept out as they are now recoverable just using zip!
> Keep a node_modules/packagefiles with all the .zips that you commit to your source control. The expanded files can be kept out as they are now recoverable just using zip!
Wouldn’t the opposite be better? I’m not sure you could take advantage of the vast majority of files in the zip files being unchanged if you kept compressed archives.
Not sure what you mean but typically you don’t need to track changes of libraries to that level. At least not in the context of a repo using those libraries. I am thinking of treating them like binary .dlls.
Source control is really good at compressing text files as they evolve over time, but isn’t optimized to handle binary assets. Since a single-line patch changes the entire zip archive, you’d risk growing the size of the repository based on the number of patches.
A very rough prototype of a game library with modern functional React. After seeing only a few game libraries in React, and all being relatively old and class-based, I wanted to learn how to make a React-based version of some simple games.
So far I got pong and some walking/animating sprites on a map, but hopefully will find more time in the future to flesh it out.
One big issue I found out was it’s incredibly difficult, if not impossible, to dynamically add/remove react components in and out of the dom. React very much encourages not touching or modifying “children”, with most apis that do that being obsolete and deprecated.
Thanks! I didn't realize that I had to set it to all regions/countries, and so it was only available in Canada. I updated the app regions and it should be available now, so hopefully you can try it out :).
nitpick - in the Rust example it seems the events are not passed into rendering the events.html template.
https://unplannedobsolescence.com/blog/what-dynamic-typing-i...