alt Hacker NewsPart of the point the article makes is that most other popular languages have a comprehensive standard library. JS has an astonishingly small on. Rather than have one vetted set of libraries that ship with the language, applications either need to roll it themselves or pull from a 3rd party package repository. We've drilled NIH into people, so they tend to reach for packages. That's not necessarily a bad thing, but it often means they're pulling in more code than they need. The JS ecosystem has also favored smaller modules, so you need many of them. And everyone builds on top of that, leading to massive growth in dependency graphs. It's a huge surface area for things to go wrong, intentionally or not.
With many other languages, you have a lot of functionality out of the box. Certainly, there have been bugs and security issues, but they're a drop in the bucket compared to what you see in the JS ecosystem. With other languages, you have a much smaller external dependency graph and the core functionality is coming from a trusted 3rd party.
Replies
Why Python, tho, in that case? Its stdlib is quite robust. Surprisingly so in some areas.
> Part of the point the article makes is that most other popular languages have a comprehensive standard library.
Both the Browser and Node.js standard library are fairly extensive. I don't think there's much you can do with other language you can't do with Node.js. And as a lot of newer languages have demonstrated (like zig and hare), you don't need an extensive one.
What important functionality do you feel is missing from the commonly used JS environments (node and browser) that is causing people to install it as a third party dependency?
The issue isn’t that the functionality doesn’t exist, it’s always backwards compatibility with versions where it did not yet exist.