upvote

points

by brunoborges22 hours ago |
comments
upvoteby danpalmer22 hours ago|
next
[-]
To my knowledge NPM isn't shipped in _any_ major OSes. It's available to install on all, just like most package managers, but I'm not sure it's in the default distributions of macOS, Windows, or the major Linux distros?
reply
upvoteby anilgulecha22 hours ago|
parent|
[-]
No package manager is. But of the ones that are installed by users, npm is probably the most popular.
reply
upvoteby spinagon22 hours ago|
parent|
next
[-]
What about pip? It's either installed or immediately available on many OSes
reply
upvoteby Fabricio2020 hours ago|
parent|
next
[-]
pip might be but it was historically super inconsistent (at least in my experience). Is it `pip install`? `python3 -m pip install`? maybe `pip3 install`? Yeah ubuntu did a lot of damage to pip here. npm always worked because you had to install it and it didnt have a transition phase from python2 being in the OS by default.
reply
upvoteby piperswe22 hours ago|
parent|
prev|
next
[-]
`pip install` either doesn’t work out of the box or has the chance to clobber system files though
reply
upvoteby jitl21 hours ago|
parent|
prev|
next
[-]
system pip w/ sudo usually unleashes Zalgo, i’d rather curl | bash but npm is fine too. it’s just about meeting people where they’re at, and in the ai age many devs have npm

if you build for the web, no matter what your backend is (python, go, rust, java, c#), your frontend will almost certainly have some js, so likely you need npm.

reply
upvoteby nikanj21 hours ago|
parent|
prev|
[-]
This is about eight years old. The python situation has mostly gotten worse since https://xkcd.com/1987/
reply
upvoteby jitl20 hours ago|
parent|
next
[-]
python packaging / envs is solved now by uv. its not promising or used by people in the know like the last 2 trendy python package managers. i was a big time python hater since it was a pita to support as a devtools guy but now its trivial. uv just works, it won.
reply
upvoteby abustamam11 hours ago|
parent|
[-]
I'm not a python dev, but I see a bit of its ecosystem. How does uv compare with conda or venv? I thought JS had the monopoly on competing package managers.
reply
upvoteby a_t4820 hours ago|
parent|
prev|
[-]
What? It’s much much better now, you can just use uv. Yeah, it’s yet another package manager, but it does it well.
reply
upvoteby chrisweekly9 hours ago|
parent|
[-]
Or go up a rung or two on the abstraction ladder, and use mise to manage all the things (node, npm, python, etc).
reply
upvoteby 21 hours ago|
parent|
prev|
next
[-]
deleted
reply
upvoteby 22 hours ago|
parent|
prev|
[-]
deleted
reply
upvoteby oefrha22 hours ago|
prev|
next
[-]
> The install script checks the OS and Arch, and pulls the right Rust binary.

That's the arbitrary code execution at install time aspect of npm that developers should be extra wary of in this day and age. Saner node package managers like pnpm ignore the build script and you have to explicitly approve it on a case-by-case basis.

That said, you can execute code with build.rs with cargo too. Cargo is just not a build artifact distribution mechanism.

reply
upvoteby mcmcmc19 hours ago|
prev|
next
[-]
More of a de facto standard for supply chain attacks tbh
reply
upvoteby mountainriver22 hours ago|
prev|
next
[-]
Yeah except you need to install NPM, whereas with a rust binary, which can easily compile cross platform, you don’t.

Honestly I’m shocked to see so many people supporting this

reply
upvoteby bigstrat200321 hours ago|
prev|
next
[-]
> NPM has become the de facto standard for installing any software these days, because it is present on every OS.

That's not remotely true. If there is a standard (which I wouldn't say there is), it's either docker or curl|bash. Nobody is out there using npm to install packages except web devs, this is absolutely ridiculous on Google's part.

reply
upvoteby abustamam11 hours ago|
parent|
next
[-]
I agree but this isn't a Google project, it's one Google employee.
reply
upvoteby jitl20 hours ago|
parent|
prev|
[-]
they offer npm for the large market of cli users who have it, and curl|bash to those who don’t. ¯\_(ツ)_/¯
reply
upvoteby xarope20 hours ago|
prev|
next
[-]
"NPM has become the de facto standard for installing any software these days, because it is present on every OS."

What?!? Must not be in any OS I've ever installed.

Now tar, on the other hand, exists even in windows.

reply
upvoteby koakuma-chan20 hours ago|
prev|
[-]
I think there has been an influx of people vibe coding in Rust because its "fast" but otherwise they have no idea about Rust.
reply
upvoteby gck118 hours ago|
parent|
[-]
Not because it's fast, but because of its compiler. It acts as a very good guardrail and feedback mechanism for LLMs.
reply
upvoteby abustamam11 hours ago|
parent|
[-]
Typescript has surpassed Python and JS as most used on Github for a similar reason

https://xcancel.com/github/status/2029277638934839605?s=20

reply
upvoteby koakuma-chan9 hours ago|
parent|
[-]
> making strict typing an advantage, not a chore

It's crazy that people think strict typing is a chore. Says a lot about our society.

reply
upvoteby abustamam7 hours ago|
parent|
[-]
I learned TS after a few years with JS. I thought having strict types was cool. Many of my colleagues with much more (JS) experience than me thought it was a hassle. Not sure if they meant the setup or TS or what but I always thought it was weird.
reply