fix: corrected headers
parent 3d934c68fb
commit 7e49370917
4 changed files with 8 additions and 28 deletions
|
@ -1,6 +1,4 @@
|
||||||
---
|
# Package Counts
|
||||||
title: Package Counts
|
|
||||||
---
|
|
||||||
|
|
||||||
If you look at just about any feed site, usually one of the first things listed is the number of packages. You can see it on [NuGet](https://nuget.org/) and [Crates.io](https://crates.io/). Some years ago, [NPM](https://npmjs.org/) used to have it but it's been taken off since I noticed it.
|
If you look at just about any feed site, usually one of the first things listed is the number of packages. You can see it on [NuGet](https://nuget.org/) and [Crates.io](https://crates.io/). Some years ago, [NPM](https://npmjs.org/) used to have it but it's been taken off since I noticed it.
|
||||||
|
|
||||||
|
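Review bot: With the `title: Package Counts` front matter gone at the top of this file, the page title depends entirely on the site generator reading the new `# Package Counts` line. Please confirm the build takes the title from the first heading before the front-matter block is dropped; if it does not, keep `title:` and add the heading below it. The same applies to the other files in this commit that swap `title:` for a `#` heading.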
@ -14,7 +12,7 @@ With self-serve feeds, the number of packages is unbounded and functions less of
|
||||||
|
|
||||||
What the package counts try to sell is the number of "high quality" packages, ones that provide additional functionality or extend services. That is more difficult to quantify, simply because "quality" is subjective.
|
What the package counts try to sell is the number of "high quality" packages, ones that provide additional functionality or extend services. That is more difficult to quantify, simply because "quality" is subjective.
|
||||||
|
|
||||||
# Don't Repeat Yourself (DRY)
|
## Don't Repeat Yourself (DRY)
|
||||||
|
|
||||||
We have a term for writing the same code over and over again, [Don't Repeat Yourself](https://en.wikipedia.org/wiki/Don%27t_repeat_yourself) which is why we end up creating packages when the language fails to provide them.
|
We have a term for writing the same code over and over again, [Don't Repeat Yourself](https://en.wikipedia.org/wiki/Don%27t_repeat_yourself) which is why we end up creating packages when the language fails to provide them.
|
||||||
|
|
||||||
|
@ -22,7 +20,7 @@ Almost every language comes with a "base library" of features. It might be inclu
|
||||||
|
|
||||||
Probably the most famous would be `left-pad` which just added space or zero padding to a string in JavaScript. The key part is that JavaScript didn't, until recently, provide a way of doing left pad easily. So it would be up to developers to create their own. This means there were various that used loops with buffers next to implementations that concatenated strings with substring.
|
Probably the most famous would be `left-pad` which just added space or zero padding to a string in JavaScript. The key part is that JavaScript didn't, until recently, provide a way of doing left pad easily. So it would be up to developers to create their own. This means there were various that used loops with buffers next to implementations that concatenated strings with substring.
|
||||||
|
|
||||||
# Not Invented Here (NIH)
|
## Not Invented Here (NIH)
|
||||||
|
|
||||||
There are two aspects of Not Invented Here. The first are developers who want a favored tool or library but in a new language. This is things like `log4net`, `log4perl`, and `log4r`. They have their place but as the derivative library evolves with the language, it deviates from the source materials. Knowing `log4j` doesn't mean you know all the details of `log4net`.
|
There are two aspects of Not Invented Here. The first are developers who want a favored tool or library but in a new language. This is things like `log4net`, `log4perl`, and `log4r`. They have their place but as the derivative library evolves with the language, it deviates from the source materials. Knowing `log4j` doesn't mean you know all the details of `log4net`.
|
||||||
|
|
||||||
|
@ -30,7 +28,7 @@ Some languages try to consolidate that by providing an "official" method of comm
|
||||||
|
|
||||||
From my experiences, providing those official interfaces near the beginning have a significant impact in reducing the number of packages. Rust still has a number of logging libraries, but almost all of them funnel through the `log` crate abstraction.
|
From my experiences, providing those official interfaces near the beginning have a significant impact in reducing the number of packages. Rust still has a number of logging libraries, but almost all of them funnel through the `log` crate abstraction.
|
||||||
|
|
||||||
# Base or Standard Libraries
|
## Base or Standard Libraries
|
||||||
|
|
||||||
There are some arguments that languages should provide more as part of their base or standard library. Delphi, .NET Framework, and Java have rather extensive BCLs which significantly reduce the number of packages.
|
There are some arguments that languages should provide more as part of their base or standard library. Delphi, .NET Framework, and Java have rather extensive BCLs which significantly reduce the number of packages.
|
||||||
|
|
||||||
|
@ -42,7 +40,7 @@ Near to my heart was WebForms in the .NET Framework. I support a WebForms projec
|
||||||
|
|
||||||
I don't think we have a good word for these libraries, but the extension libraries (ECL) work well when they are implemented by the core language but are not integrate to the language and have a well defined life cycle even if the life cycle is "currently recommended with no end-of-life in sight."
|
I don't think we have a good word for these libraries, but the extension libraries (ECL) work well when they are implemented by the core language but are not integrate to the language and have a well defined life cycle even if the life cycle is "currently recommended with no end-of-life in sight."
|
||||||
|
|
||||||
# Reinventing the Wheel (RTW)
|
## Reinventing the Wheel (RTW)
|
||||||
|
|
||||||
In my early (okay, still) development career, I suffer from a need to reinvent the wheel. I wrote at least three command-line parsing libraries that worked the way "I want" or did the features I wanted. It took a conscious effort to focus on an existing one, even if it failed in some manner. That is why I used `CommandLineParser` in C# for so many years and then eventually gravitated to `System.CommandLine` (despite both of them being still fluid).
|
In my early (okay, still) development career, I suffer from a need to reinvent the wheel. I wrote at least three command-line parsing libraries that worked the way "I want" or did the features I wanted. It took a conscious effort to focus on an existing one, even if it failed in some manner. That is why I used `CommandLineParser` in C# for so many years and then eventually gravitated to `System.CommandLine` (despite both of them being still fluid).
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,4 @@
|
||||||
---
|
# "Don't Repeat Yourself"
|
||||||
title: Don't Repeat Yourself
|
|
||||||
---
|
|
||||||
|
|
||||||
According to Larry Wall, the creator of Perl, one of the three virtues of a good programmer is being lazy. In this regard, he means they look for ways of getting the effect for the least amount of code. The isolation of the library also means that individual components can be tested for correctness and any dependent package on it can be ensured that it "just work" as intended.
|
According to Larry Wall, the creator of Perl, one of the three virtues of a good programmer is being lazy. In this regard, he means they look for ways of getting the effect for the least amount of code. The isolation of the library also means that individual components can be tested for correctness and any dependent package on it can be ensured that it "just work" as intended.
|
||||||
|
|
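Review bot: The added heading `# "Don't Repeat Yourself"` carries literal quotation marks that the removed `title: Don't Repeat Yourself` did not have, and the other headings added in this commit (`# Package Counts`, `# Self-Serve`) are unquoted. Drop the quotes unless they are meant to appear in the rendered title.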
16
src/index.md
|
@ -1,18 +1,4 @@
|
||||||
---
|
# Untrusted Packages
|
||||||
title: Untrusted Projects
|
|
||||||
#date: 2022-04-01
|
|
||||||
version: 0.0.1
|
|
||||||
categories:
|
|
||||||
- Development
|
|
||||||
tags:
|
|
||||||
- "C#"
|
|
||||||
- Typescript
|
|
||||||
- Rust
|
|
||||||
- Semantic Releases
|
|
||||||
- Packaging
|
|
||||||
summary: >
|
|
||||||
One person's idea of how to handle malicious or unreviewed packages across most languages.
|
|
||||||
---
|
|
||||||
|
|
||||||
The open-source ecosystem is huge with thousands upon thousands of developers creating billions of projects across multiple languages. Most of the time, these packages are pushed up to a centralized sites for discovery and download with no human oversight.
|
The open-source ecosystem is huge with thousands upon thousands of developers creating billions of projects across multiple languages. Most of the time, these packages are pushed up to a centralized sites for discovery and download with no human oversight.
|
||||||
|
|
||||||
|
|
|
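Review bot: The new heading `# Untrusted Packages` does not match the removed `title: Untrusted Projects`, and the commit message ("fix: corrected headers") does not mention a rename; please state which name is intended. This hunk also deletes `version`, `categories`, `tags` and `summary` with no replacement, so if anything still consumes that metadata it should stay in front matter or be moved elsewhere as part of this commit.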
@ -1,6 +1,4 @@
|
||||||
---
|
# Self-Serve
|
||||||
title: Self-Serve
|
|
||||||
---
|
|
||||||
|
|
||||||
Outside of a single developer or team, [DRY](./dry/) means that there needs to be a mechanism for discovering and using other's work to avoid repeating their work also. That is the basis of package ecosystems.
|
Outside of a single developer or team, [DRY](./dry/) means that there needs to be a mechanism for discovering and using other's work to avoid repeating their work also. That is the basis of package ecosystems.
|
||||||
|
|
||||||
|
|