Reply to post: Re: Thames

How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript

Anonymous Coward
Anonymous Coward

Re: Thames

1. Every platform uses some package manager hosted by some company. There's no reason why, say, RedHat is more trustworthy than NPM, Inc.

I call apples and oranges.

AIUI, (and hell, I try and keep clear of all this shit) Web 2 "design" loads shit dynamically from places all over The Interwebs. So if any of that breaks, your website/app iimediately breaks.

It hardly needs saying that RedHat/CentOS/Debian/Ubuntu package management works nothing like this.

For starters, the packages aren't dynamically loaded. And it's all cryptographically signed by the distributor and verified on installation. Does your website demand that the browser does that with every Random Piece of Javashit that it grabs ??

I could go on....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020