Not entirely the usual fare, but i figured some here would appreciate it

I often rag on the js/node/npm ecosystem for being utter garbage, and this post is a quite a full demonstration of many of the shortcomings and outright total design failures present in that space

  • froztbyte@awful.systemsOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    when I first did this for a project a couple of years ago, the github api endpoint for this sucked extremely bad. I no longer remember all the details but it was something like 3 different sets of things you had to get to make sure you had somewhat of a full picture. might be better these days. and even then it’s still only the first piece in the puzzle

    but yeah, by and large a rather extreme percentage of the modern industry is extremely dependent on a vary narrow scope of SPoFs, and may are clueless about how to even approach this. 2 decades of computer-renting, yay!

    • Deborah@hachyderm.io
      link
      fedilink
      arrow-up
      0
      ·
      9 months ago

      In the micro, it’s usually the correct choice to have SaaS everywhere. I don’t mean the anti-labor parts like “outsource your entire [X] department to a SaaS product”, but for infrastructure? Akamai, azure, AWS, google, cloudflare, etc. are all vastly more qualified, because of scale, to manage the threat landscape. And once you’re in that ecosystem why not tie yourself into it tighter and tighter? The next thing you know US-East-1 goes down & your entire crisis mitigation system is busted.