• Jiří Král
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    11 months ago

    Isn’t this a problem with every package/library system? Is there really a solution to this that doesn’t limit packages with how they handle their dependencies?

    This may also be about trust. npm probably could limit a number of dependencies that a single package can have with an arbitrary limit, but they don’t do that, because they trust the developers they won’t misuse their options. Well…

    • dependencyinjection
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      11 months ago

      Thats a good question and I’m not sure to be honest.

      We use NPM at work client side for React Typescript and Nuget server side for C# .net and all I know is the senior always complains about NPM but not NuGet I do believe the backend is less package reliant on our applications so maybe that’s why it’s not as bad.