undefined | Better HN

0 pointsmcny8y ago0 comments

I cannot believe anyone will defend npm over it.

There is no scenario where it is OK to hand over a namespace to someone else. At worst, it is acceptable to make a namespace unavailable to anyone.

I think npm is completely unable to exist as an organization and should disband immediately.

0 comments

Kliment8y ago

Trouble is, if they do that, someone else will quickly replace them, take over the same function, and users will likely not notice that they are now trusting a different unverifiable entity to ensure package integrity

mcnyOP8y ago

Users will continue to trust what comes packages with node. Nothing needs to change from a user's perspective. They will still type npm ... But it will point to a new infrastructure (and more importantly led by nobody currently leading npm).

If node wants to do this, I think they totally can. There just needs to be the will to cut off and blacklist the current npm team.

j / k navigate · click thread line to collapse