Comments (4)
bluwy
commented on September 22, 2024
Showing files only is intentional as I'd like to encourage authors to publish files that are only needed and respect the users' network bandwidth. The same could be said when adding new files that were not meant to be published too. If they prefer to use .npmignore, the rules documentation for the suggestion has a link that indirectly points to it, so I prefer to keep it the way it is for now.
from publint.
ljharb
commented on September 22, 2024
that's unfortunate, since "publish only files that are needed", and the user's network bandwith, is much much less important than protecting the user's runtime application by keeping it working.
it's npm's job to manage bandwith, not individual package authors.
from publint.
bluwy
commented on September 22, 2024
Both are certainly equally important and package maintainers should equally prioritise them before publishing packages. But I think .npmignore gives the bigger leeway to make mistakes without an easy way to identify them.
from publint.
ljharb
commented on September 22, 2024
I don't agree they're equally important; correctness is far more important than a largely infinite resource.
files gives a bigger leeway to make a mistake that uses less bandwith but breaks an application; npmignore gives a bigger leeway to make a mistake that uses more bandwith but has no other impact on an application.
Downtime is infinitely more expensive than bandwith, thus, npmignore is the safer and better approach.
from publint.
Related Issues (20)
- wrong error for "main" HOT 6
- Skip "The package publishes internal tests or config files" check? HOT 8
- Suggest adding `"type"` field to all packages HOT 3
- Monorepo support HOT 1
- Check if root is exported through mainFields but not exports
- API endpoint to analyse remote packages HOT 2
- Donating Funds to Publint HOT 1
- Warn on the usage of fallback arrays in the `exports`/`imports` field HOT 1
- feature requerst: badges like shields.io HOT 1
- Upgrade warning to error HOT 1
- File existence checks does not work on exports of non-js files HOT 5
- [NEW RULE] Check "repository.url" value HOT 3
- Publint suggestions to replace dependencies HOT 2
- Bump `npm-packlist` from `5.1.3` to `8.0.2` HOT 1
- Update message for required `type` HOT 2
- Publint doesn't respect excluded subfolders in the `exports` HOT 1
- Suggestions as error in CLI mode HOT 3
- feat: allow to strip ANSI for the result of `formatMessage` HOT 4
- Invalid github icon link for `"repository"` shortcut syntax HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from publint.