Conversation

Notices

1. Embed this notice
   David Amador (djlink@mastodon.gamedev.place)'s status on Sunday, 09-Feb-2025 18:07:22 JST David Amador

   React builds were failing in India only because the government blocked a website so it would make gradle fail to build. I often think about this, frameworks can be nice but as they have freedom to pull other packages when needed it can break for any sort of unrelated reasons
   https://github.com/facebook/react-native/issues/49115#issuecomment-2634609323

   • Embed this notice
     Markus Latvala (markuslatvala@mastodon.gamedev.place)'s status on Sunday, 09-Feb-2025 18:07:20 JST Markus Latvala

     in reply to

     @djlink The whole package manager approach is so volatile. Not only are there connection risks, but also random breaking changes and even the possibility of stuff disappearing or an update introducing malware.

     I’ve seen big projects set up their own package sources/cache servers just to have a bit more control over the madness. Any experienced developer will also use exact version numbers for the references to prevent bad surprises.

     feld likes this.
   • Embed this notice
     feld (feld@friedcheese.us)'s status on Sunday, 09-Feb-2025 18:10:55 JST feld

     in reply to

     • Markus Latvala
     @markuslatvala @djlink this kind of stuff drives me nuts
     
     Sometimes Chef runs will fail because if a cookbook depends on a ruby gem it always checks rubygems.org even if it's already installed. So if the site goes down or is overloaded ... it's so dumb.
     
     So then you gotta setup a rubygems proxy and try to use that.
     
     They did finally add a setting to not do this but last I checked it wasn't in a release yet.
     
     How has this been default behavior for over a decade? How can you even quantify the amount of wasted bandwidth and electricity?