Hacker News | pipes's comments

But titled the post "package managers are evil"

> The term “evil” is being used partially hyperbolic to make a point.

Kind of bonkers this even needs to be said, and even then it's missed/ignored.


The title is provocative and attention grabbing. -- It's completely fair game to react to the provocation rather than the substance of the article itself. (Or, rather, it's silly to use attention grabbing rhetoric, then complain that people paid attention to the rhetoric).

I'd prefer instead a more balanced title like "Remember to Consider the Costs When Using Package Managers", or whatever.


> It's completely fair game to react to the provocation rather than the substance of the article itself.

Yeah, but it's downright stupid to do so.

The title isn't even misleading or part of a Motte-and-bailey argument.

People just hear "Package Managers are Evil" and assume that the author means you shouldn't use third party dependencies. Which is NOT what's being argued.

But I guess you'd know that, if you read past the title.


In the article, the author does say "I am not advocating to write things from scratch", while also describing third party dependencies as liabilities (e.g. security vulnerabilities), that people are too trusting of third party dependencies, that people overestimate the quality of third party dependencies.

I think you're splitting hairs if you're saying that these points from the article argue against package managers but don't argue against using third party dependencies.

I similarly think you're splitting hairs if you consider "package managers are useful?" and "third party dependencies are useful?" as distinct points.


Liability: "Something for which one is liable; an obligation, responsibility, or debt."

Third party dependencies absolutely are liabilities. You are liable to vet them, inspect their licenses and keep them updated while ensuring that they continue working with your existing code.

This is not something package managers help you do. Package managers like NPM make it trivial to skip these steps entirely.

What is being argued for, is a more thoughtful approach to handling third party dependencies. Or at the very least, the need for people to realise that there are costs associated with bringing third party dependencies into your codebase.

It's not splitting hairs at all. It's more of a presumption on the part of a large number of readers, that the 2 points argued conflate to "Package managers suck, because third party dependencies suck and you should write everything from scratch instead".


Sorry but I lack any respect for authors that use clickbaits. Call them out and move on seems the best approach.

It's not clickbait though.

You should try reading the article before passing judgement.

It's not like the article is called "5 facts that will make you hate package managers. Number 5 will shock you"


It was clickbait because the article, which I did read, did not support the contention that package managers are evil. Therefore "evil" seems to be used in a hyperbolic way to grab attention, which makes it clickbait, specifically ragebait.

I wouldn't class it as clickbait myself, but I will stand by the use of the word "evil". I am using evil in the very old fashioned sense: the privation of the good. Is the title provocative? Yes. But that's the point of the article in general. I am trying to argue that they are a net bad with virtually no good upsides to them for the programming world as a whole. They've automated something at scale which should not have been automated. And to be clear, there is no solution to the problems they are trying to solve, rather it's all about trade-offs.

I'm a little annoyed that the HackerNews post renamed it to "A critique of package managers" because that implies very different connotations. I'd view an article written like that as if I have some criticisms that could be addressed, rather than the entire concept being bad from the start.


> I am trying to argue that they are a net bad with virtually no good upsides to them for the programming world as a whole.

What I'm saying is that you have failed in this argument. You hardly even attempt to make it. Thus clickbait.

You said "this is why I am saying it is evil, as it will send you to hell quicker."

Okay, so then it's up to you to prove this hell actually exists. But you don't. You just assert its existence -- "Dependency hell is a real thing which anyone who has worked on a large project has experienced." By framing it this way, you can dismiss anyone who claims to not have experienced this as not having sufficient experience. But reading the comments here, a lot of people have experienced a sort of "dependency hell" (the kind that's talked about in the wiki you link to) that is solved by package managers.

So that's why it's classed as clickbait -- you (admittedly) wrote a provocative headline that you don't even remotely back up.

FYI for the future since you're lamenting in many comments that people are misinterpreting you, this is why. Given that you don't really make an attempt to prove this dependency hell and package managers are evil, and you don't acknowledge anything good about them, it's reasonable to assume your bias is just that dependencies are evil at their core. It's actually the most charitable reading because otherwise you seem confused.


Then again, there is a trope going back to Knuth - "Premature optimization is the root of all evil" - which is an argument that it is not clickbait, but merely applying a pattern in discussions about computer programming.

Hyperbole is just a pretty common thing for humans to do

> The title is provocative and attention grabbing. -- It's completely fair game to react to the provocation rather than the substance

No it isn't.


The title of the article comes from the direct words I said in the video, which the article is effectively a polished transcription of.

Your "more balanced title" isn't even close to what I am saying. I am saying that Package Managers are just bad and should not be used. Not "remember to consider the costs". The net cost is bad for everyone, that's why I said "evil".


I guess clickbait is evil

Ha! I feel the same. So much better than the tiresome intros in modern podcasts.

Growth industries.

https://uk.yotoplay.com/yoto-mini

My wife bought this. I was deeply sceptical. But it's lovely, you can put story cards in it. My 6 year old daughter loves it. And we listen to a daily yoto podcast at dinner every day.

Edited, found link to version we own


Neat. I wonder if the files are stored on that card (and if yes, how) or if it works like the Toniebox where you have some kind of token that triggers a network download.

EDIT: this Reddit thread says it downloads the files. "All the audio files live in the cloud and it gets downloaded to your Yoto when you insert a card in the speaker. This means that you will need WiFi the first time you listen to a card, but should be fine without the next time you want to play the same."

https://www.reddit.com/r/YotoPlayer/comments/1grrl9u/just_le...

The cards have an NFC chip: https://support.yotoplay.com/en-US/what-are-yoto-cards-made-...


Thanks for this. UK citizen/subject here; I believe the UK government is likely to go down the path of banning VPNs.


It will be done very soon....

"Dame Rachel told BBC Newsnight: 'Of course, we need age verification on VPNs - it's absolutely a loophole that needs closing and that's one of my major recommendations.'" - https://www.bbc.com/news/articles/cn438z3ejxyo

They phrase it as age verification, but what they mean is the VPN provider needs to provide them the client list...


Can someone competent pull together a manual to set up a VPN with obfuscation? I am sure it will be well received.

A GitHub repo would be ideal really


Not competent, but a VPN user. Mullvad has some obfuscation features built-in. They also got good documentation/guides, I think.

https://mullvad.net/en/help?Feature=censorship-circumvention

https://web.archive.org/web/20250807131341/https://mullvad.n...

https://archive.ph/XvcMg


gotta go underground, freedom is now an enemy of the crown.


T minus not much until UK punk revival


ISPs here are already blocking popular ones.


No they are not. It is being talked about adding age-gating to the VPNs.


In the UK? That’s insane


It's also not true.


Where is the evidence for this? Who is "applying pressure on the labour market"?


Every executive publicly saying obviously* false things like X job will be done by AI in 18 months is putting downward pressure on the labor market. The pressure is essentially peer pressure among executives: are we stupid for continuing to hire engineers instead of handing our engineering budget to Anthropic?

* - Someone should maintain a walkback list to track these. I believe recent additions are Amodei of Anthropic and the CEOs of AWS and Salesforce. (Benioff of Salesforce, in February: "We're not going to hire any new engineers this year." Their careers page shows a pivot from that position.)


Maybe it's a good time to ask for advice. Which IT job roles and companies are least vulnerable to offshoring? Defense contractors and the like?


Stuff that isn’t pure SaaS. Physical products that benefit from hands on interaction with customers, worksites, and other internal producers. Small and/or local businesses that want someone whose face they can see in person.


1 person billion dollar company - the new buzz phrase when "democratize" became so yesterday is in my opinion just that.


How do you buy directly from the vendor? Genuine question!


At the very least, Western Digital and Seagate both simply do direct sales on their websites:

https://www.westerndigital.com/products

https://www.seagate.com/products/shop/


Thanks. I suppose that was obvious after all :(


Excellent! I wanted to check a new SD card I bought from Amazon. It's pretty much the best SD card available for use with a Steam Deck, yet often it needs to be reinserted, which is making me suspicious.


I've been a paying user for years. Their desktop UI is awful. They introduced a feature that took me hours and hours to disable (the file not downloaded until you try to open it thing). One bit of documentation pretty much lied about turning it off. Turned out it had to be disabled in more than one place.

I still use them as I don't have time to move elsewhere. Plus they run on Linux and Windows which is what I need.

I wish they had "I'm only interested in file sync" mode so that the whole mess of other features is hidden from me.


> They introduced a feature that took me hours and hours to disable (the file not downloaded until you try to open it thing). One bit of documentation pretty much lied about turning it off. Turned out it had to be disabled in more than one place.

Are you able to say what the relevant settings are? (I would like to be able to do that too ...)


Sorry, I can't remember, it was years ago. I've moved that PC to Linux and the Dropbox client doesn't have that feature.


> I wish they had "I'm only interested in file sync" mode so that the whole mess of other features is hidden from me.

Unfortunately Dropbox has been in the Enshittification phase for quite a while. They had a good while where they had extra features but no one used them 'cause no one wanted random feature 'x' from Dropbox, they just wanted to sync files, so Dropbox began pushing them in your face and making you work to get what they had working perfectly 15 years ago.


I've no idea why, but the phrase "it's addicting" is really annoying, I'm pretty certain it should be "it's addictive". I've started seeing it everywhere. (Note, I haven't completely lost my mind, it's in that article).


I would never say "it's addictive" in any context.


Haha fair enough. Fixed!


Ha! Thanks :)

