Re: Lots and lots of tiny node.js packages
I see that a similarly large number of smallish libraries are getting
packaged for golang. When I first looked into it, and maybe it's
still the case, these were only to allow other Debian packages written
in Go to be compiled; developers were still encouraged to use the Go
package ecosystem ("go get ..."). And whenever I've built node
programs, I also just use "npm install ..." rather than looking for a
If that's the primary use case, then perhaps there could be a simpler
way to deal with the dependencies of node and Go projects than
packaging each of them for a mostly nonexistent developer audience.
We could just make snapshots of the versions (obtained via "go get" or
"npm install") used to build the end-user packages, for
auditing/security/reproducibility purposes. These could be stored in a
well-defined place in the Debian archives, without "exporting" them
via .deb files, Packages entries, etc.
Eric Cooper e c c @ c m u . e d u