Javascript on suicide watch

archive.fo/2018.01.11-205122/https://github.com/npm/registry/issues/255

Many packages suddenly disappeared

Other urls found in this thread:

twitter.com/maybekatz
twitter.com/ReBeccaOrg
github.com/jonschlinkert/is-number>
lua.org/pil/2.3.html
github.com/jonschlinkert/is-odd>
mobile.twitter.com/izs/status/911105515798720513
redox-os.org/

Is this the power of Specdown?

...

Not the first time this happened, there was a widescale issue due to the same reason (dev of a very popular package killed their repo because of drama or some shit, every site using the library, which was a lot of them, became outright unusable for a week or so).
Or is it the same one?

...

That almost makes me want to become a nodejs developer just to make and subsequently memory-hole a highly depended package.

this

I have no fucking idea how node ever got popular considering it's easily the worst thing ever.

There is nothing wrong with node itself, you just have to stop being a fucking nigger and downloading libraries instead of writing code yourself.

Except for the fact that it uses javascript

Low barrier to entry, and thus you have low quality programmers.

There's nothing wrong with javascript either. It's certainly better than trying to script in php.

What the hell do you mean by that you faggot?
If you want to `script´ then use perl or if you're gay, python.

...

Is webdev still fairly lucrative? It seems that every other day I hear loads of shit about it, and most of it doesn't sound good.

Did you know Facebook put a license clause on React that says they can remove your right to use the library if you criticise them?

I didn't, but that doesn't really surprise me. I wish there was some kind of exploit that could be used to fuck over the modern web as we know it. Something really devious, something that would make people think twice about trusting every script that runs on their browser. If anything like that was found or is ever properly exploited, the framework of the nu-web would fucking implode. Wishful thinking, I guess.

I bet normalfags would notice if bitcoin miners really took off.

Slip in some code to a major library which randomly causes some words to turn into racial slurs.

Good.
Actually, it's time for an os to be built from the ground up in a single, simple and powerful language.
No systemd also.

Most probably wouldn't at first. I'd imagine they'd just throw their phone or laptop in the garbage and buy a new one like they always do when their device starts to slow down. In the long run they'd notice, although I'd imagine that would lead to devs getting sneakier with their miners.

Would be funny as hell, but not that practical or impactful in the long run.

It's a new one, which makes the problem that much worse.
npm have been scolded for this before, you can delete your package and your package name becomes instantly available to be used, perfect for malware.
npm worked so that package must be the package right? Nope.

Lua already exists.

...

I use PHP at work and while it's a very quirky language, I still prefer working in it to Javascript.

twitter.com/maybekatz
twitter.com/ReBeccaOrg

Trans fat and cat obsessed.

for fucks sake dude use the nsfw checkbox

That bicep is bigger than mine and I have been /fit/ for years.

it is mostly fat I think.
but, I know some other women, which do have nice biceps.

Get into martial arts, you might just start producing more testosterone.

I'm sure the biceps is barely there, most of that is just fat tissue.


I know you're just shitposting, but the first thing I noticed about Lua is how close it is to JavaScript, but less shit. If only they dropped variables being global by default and had 0-indexed lists it would great.

Lua had no integer types until version 5.3, is that true?
(and js still doesn't have them?)

i believe they removed that

If you're ever in the unfortunate position of having a node_modules directory, you should look in it for a good laugh. Just fucking look at this shit.

/*! * is-number github.com/jonschlinkert/is-number> * * Copyright (c) 2014-2015, Jon Schlinkert. * Licensed under the MIT License. */'use strict';var typeOf = require('kind-of');module.exports = function isNumber(num) { var type = typeOf(num); if (type === 'string') { if (!num.trim()) return false; } else if (type !== 'number') { return false; } return (num - num + 1) >= 0;};
Somebody looked at this an thought this is a good idea to have as an dependency with a readme and a full copy of the mit licence.
Also in its dependency kind-of:
[...]var type = typeof val; if (type === 'boolean') return 'boolean'; if (type === 'string') return 'string'; if (type === 'number') return 'number'; if (type === 'symbol') return 'symbol'; if (type === 'function') { return isGeneratorFn(val) ? 'generatorfunction' : 'function'; }[...]
Yes, kind-of just returns typeof for the types used! You can't make this shit up!

It was the next trendy thing for a while.

Lua still doesn't have integers, the deal with 5.3 is that the number type is represented as an integer sometimes behind the scenes for speed improvements.

Give lua a chance user, you might find you like only having 9 or so types.

No????????????

lua.org/pil/2.3.html
Wow this is top pajeet. Either go full high level and provide big integers like python or provide fixed width integers. Everything else is just retarded.

also this: number-is-nan
'use strict';module.exports = Number.isNaN || function (x) { return x !== x;};
With full copy of the MIT licence, package.json and reame, of course.

Other full modules include:/*! * is-odd github.com/jonschlinkert/is-odd> * * Copyright (c) 2015-2017, Jon Schlinkert. * Released under the MIT License. */'use strict';var isNumber = require('is-number');module.exports = function isOdd(i) { if (!isNumber(i)) { throw new TypeError('is-odd expects a number.'); } if (Number(i) !== Math.floor(i)) { throw new RangeError('is-odd expects an integer.'); } return !!(~~i & 1);};var toString = {}.toString;module.exports = Array.isArray || function (arr) { return toString.call(arr) == '[object Array]';};'use strict';module.exports = function (x) { var type = typeof x; return x !== null && (type === 'object' || type === 'function');};I dont Know What's worse, putting a licence on 3 lines of code or importing 3 lines of code with a full copy of a licence.

nope, that sucks
language without integer type cannot be taken seriously

then explain how function (x) {return x !== x;} replaces isNan. How does comparing a variable to itself do that?

this one too

NaN != NaN

that only works if the variable is literally NaN, if its a string and jou want to check if its numeric it wil
behave differently as Number.isNaN.

this is the current state of web programming
it makes me kind of sad, tbh

nevermind I'm an idiot who thought isNaN would check if it is numeric or not

Wait that is what isNaN does wtf

What did you expect there? Sane and reasonable behaviour?

There are a lot of things wrong with javascript, but isNaN is not one of those things.

[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((![]+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]+(!![]+[])[+[]]+(![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[!+[]+!+[]+[+[]]]+[+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[!+[]+!+[]+[+[]]])()

Every time.

fucking dropped

Absolutely disgusting.

who the fuck is it?

if (variable.hasOwnProperty('property') && variable.property.hasOwnProperty('property2) && etc, etc)

Me too, mainly for this reason.

if (isset(variable['property']['property1']) ...

I like lodash for shit like this.
if (_.get(variable, ['property1', 'property2']))

Yeah, i use lodash for this usually too. But, for work, we have a bulk import system where we need to write data transformation scripts and lodash isn't included with it.
So at first I was, painstakingly, doing that shit manually.
Now I just paste the following snippet in:
fromDotNotation: function(obj, path) { var i = 0, path = path.split('.'); for (; i < path.length; i++) { if (typeof obj[path[i]] === 'undefined' || !obj[path[i]]) { return ''; } obj = obj[path[i]]; } return obj; },

most jej

ES6 const and let nigga. Also this is slightly faster for loop expression checking
for (let i = 0, il = path.length; i < il; i += 1) { }

This is quite possibly the most useful thing we can do to improve the health of the internet.

And I like it, because this tactic has a proven track record. Infiltrating and attacking from within is quite effective, historically celebrated, and very difficult to defend against, especially when it comes from many different vectors.

We could fix javascript. By fix I of course mean destroy and purge all record of it's existence as punishment, while erecting a 50ft granite statue at the center of the world's largest landfill shaming the creators.

Without Javascript they'll just use some other cancer to fuck with your internet experience. The language isn't the cause of your suffering.

Yeah, but it is still confusing to look at. Old Man Crockford is right when he says that, when writing code, you should avoid confusion above everything else (sans the code working properly, of course).

Anybody knows if this account is the real thing?
mobile.twitter.com/izs/status/911105515798720513

This is why shit should be cloned and served locally.
NO, FUCK YOU

I highly doubt that it will work second time. After left-pad fiasco npm changed rules for removing package (now you can't if someone depends on you). And with their security tools (there was a minor fuckup caused by them recently) you probably will not be able to change it to something malicious.


It is.

Rust.

What does this code do? I'm not pasting it anywhere fuck no.

Paste it in Ideone, idiot.

redox-os.org/

...

It's the stock example from jsfuck.

false => ![]true => !![]undefined => [][[]]NaN => +[![]]0 => +[]1 => +!+[]2 => !+[]+!+[]10 => [+!+[]]+[+[]]Array => []Number => +[]String => []+[]Boolean => ![]Function => []["filter"]eval => []["filter"]["constructor"]( CODE )()window => []["filter"]["constructor"]("return this")()