How Open Source Projects Manage Dependency Churn

In episode 32 of Open Source with Fexingo, Lucas and Luna explore the growing challenge of dependency churn in open source projects. With over 2.5 million packages on npm alone, maintainers face a constant stream of updates, security patches, and breaking changes. The hosts tell the story of a single Node.js utility library that depended on 1,200 packages, and how its creator trimmed that down to just 12. They discuss tools like Dependabot, the idea of "dependency hygiene", and why the left-pad incident of 2016 still haunts the ecosystem. Lucas explains why, by his count, the average JavaScript project now carries 1,500 vulnerable dependencies, and Luna asks whether the free-rider problem is getting worse. The episode closes with practical takeaways for developers and project leads, including how to audit your own dependency tree without losing your mind.

#DependencyChurn #OpenSource #NodeJs #JavaScript #npm #Dependabot #LeftPad #SupplyChainSecurity #MaintainerBurnout #SemVer #LockFiles #TechDebt #FexingoBusiness #BusinessPodcast #Tech #SoftwareMaintenance #DeveloperTools #CommunityDriven

Keep every episode free: buymeacoffee.com/fexingo
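The closing takeaway, auditing your own dependency tree, is easier to act on with something concrete. The script below is an added example and is not code from the podcast or from any project it mentions. It reads the `packages` map of an npm lockfile in the lockfileVersion 3 layout (install path as key, so an entry nested under another package's `node_modules` is a second copy of that name) and reports what an audit usually wants first: how many packages are installed versus actually reachable from the root, stale entries nothing depends on, names installed in more than one version, the deepest chain, and dependency edges that fail to resolve. The lockfile embedded in it is constructed for illustration; the package names and versions in it are placeholders, not a real project's tree.

```javascript
'use strict';

// Constructed sample lockfile (lockfileVersion 3 layout, as written by npm 7+).
// Keys are install paths; an entry nested under a package's own node_modules
// means that package needed a version different from the hoisted one.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': {
      name: 'demo-app',
      version: '1.0.0',
      dependencies: { express: '^4.18.0', chalk: '^5.0.0' },
      devDependencies: { jest: '^29.0.0' },
    },
    'node_modules/express': { version: '4.18.2', dependencies: { debug: '2.6.9', 'safe-buffer': '5.2.1' } },
    'node_modules/express/node_modules/debug': { version: '2.6.9', dependencies: { ms: '2.0.0' } },
    'node_modules/express/node_modules/ms': { version: '2.0.0' },
    'node_modules/safe-buffer': { version: '5.2.1' },
    'node_modules/chalk': { version: '5.2.0' },
    'node_modules/jest': { version: '29.5.0', dev: true, dependencies: { debug: '^4.0.0' } },
    'node_modules/debug': { version: '4.3.4', dev: true, dependencies: { ms: '2.1.2' } },
    'node_modules/ms': { version: '2.1.2', dev: true },
    // Nothing depends on this entry: a stale leftover that `npm install` would prune.
    'node_modules/leftover': { version: '0.1.0' },
  },
};

// Resolve a dependency name from a package's install path the way Node does:
// look in the package's own node_modules, then each ancestor's, then the root.
function resolveDep(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = base ? `${base}/node_modules/${name}` : `node_modules/${name}`;
    if (Object.prototype.hasOwnProperty.call(packages, candidate)) return candidate;
    if (base === '') return null;
    const idx = base.lastIndexOf('/node_modules/');
    base = idx === -1 ? '' : base.slice(0, idx);
  }
}

// Package name from an install path: everything after the last "node_modules/"
// (this keeps the scope for entries such as node_modules/@types/node).
function nameFromPath(p) {
  const parts = p.split('node_modules/');
  return parts[parts.length - 1];
}

// Walk the lockfile from the root entry and summarise what an audit wants:
// how much is installed, how much is actually reachable, where versions are
// duplicated, how deep the tree goes, and which edges fail to resolve.
function auditLockfile(lock) {
  const packages = lock.packages;
  const installed = Object.keys(packages).filter((k) => k !== '');

  const depth = new Map([['', 0]]);
  const unresolved = [];
  const queue = [''];
  while (queue.length > 0) {
    const path = queue.shift();
    const entry = packages[path];
    const edges = { ...(entry.dependencies || {}), ...(entry.optionalDependencies || {}) };
    // devDependencies are only installed for the root project, never for a dependency.
    if (path === '') Object.assign(edges, entry.devDependencies || {});
    for (const name of Object.keys(edges)) {
      const target = resolveDep(packages, path, name);
      if (target === null) {
        // Optional deps may legitimately be absent (platform-specific builds).
        const optional = entry.optionalDependencies && name in entry.optionalDependencies;
        if (!optional) unresolved.push(`${path || '(root)'} -> ${name}`);
        continue;
      }
      if (!depth.has(target)) {
        depth.set(target, depth.get(path) + 1);
        queue.push(target);
      }
    }
  }

  const versionsByName = new Map();
  for (const p of installed) {
    const name = nameFromPath(p);
    if (!versionsByName.has(name)) versionsByName.set(name, new Set());
    versionsByName.get(name).add(packages[p].version);
  }
  const duplicates = {};
  for (const [name, versions] of versionsByName) {
    if (versions.size > 1) duplicates[name] = [...versions].sort();
  }

  const root = packages[''];
  return {
    installed: installed.length,
    direct: Object.keys(root.dependencies || {}).length + Object.keys(root.devDependencies || {}).length,
    reachable: depth.size - 1,
    unreachable: installed.filter((p) => !depth.has(p)),
    maxDepth: Math.max(...depth.values()),
    duplicates,
    devOnly: installed.filter((p) => packages[p].dev === true).length,
    unresolved,
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK), null, 2));
}
```

To run it against a real project, replace `SAMPLE_LOCK` with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`. Two of the numbers deserve a second look in practice: every name listed under `duplicates` is a package you patch twice for one advisory, and anything under `unreachable` is churn residue that should not be in the lockfile at all.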