GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:09:09 JST Paul Cantrell Paul Cantrell
    • Thomas 🔭🕹️

    @thomasfuchs
    Yeah, Javascript land specifically (which I assume is what you’re thinking of) is completely off the rails on that front right now.

    In conversation about 10 months ago from hachyderm.io permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:15:13 JST Paul Cantrell Paul Cantrell

      Surfacing from replies (see context upthread).

      I’ve watched the pendulum swing back and forth multiple times in my career between “code reuse ftw!!” and “no dependencies!!” The one thing I can say with confidence is that both those extremes as dogma are ridiculous and costly. It’s all tradeoffs; you can’t escape the part where you think carefully and contextually.

      1/ https://hachyderm.io/@inthehands/115237696859291899

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Paul Cantrell (@inthehands@hachyderm.io)
        from Paul Cantrell
        @juandesant@mathstodon.xyz @timbray@cosocial.ca I do agree to a large extent — or at least hope for it to be true! — but your sentiment suggests that •quality• of maintenance matters at least as much as the sheer •quantity• of dependencies.
      Linux Walt Alt (@lnxw37a2) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} likes this.
      ✧✦Catherine✦✧ repeated this.
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:16:26 JST Paul Cantrell Paul Cantrell
      in reply to

      A second thought now, newly surfacing in the wake of the Wordpress fiasco and the emerging Ruby gems crisis:

      We should pay a lot more attention to the •human system• dependencies we’re introducing when we import a library, not just the code.

      2/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:21:00 JST Paul Cantrell Paul Cantrell
      in reply to
      • Erin Kissane

      The excellent @kissane (https://erinkissane.com) has written a lot about the idea of “governance” in tech: the human networks and processes that surround the things that we build. Erin has proposed — and I agree, though I long failed to see it! — that governance is the gaping hole in the way we build OSS, shared infra, and the whole technology commons.

      3/

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Erin Kissane's small internet website
        The latest entries posted on Erin Kissane's small internet website
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:24:44 JST Paul Cantrell Paul Cantrell
      in reply to

      Any developer worth their salt knows that the outputting code is the easiest part of software development, and that code as an artifact has little value without everything that surrounds it: the people, the shared knowledge, the practices (both formal and informal), the infrastructure, the networks of trust, etc etc.

      And yet!! like fools, we’ve got ourselves hung up on OSS licenses and copyright — the legal structures surrounding the code itself — as if code were in fact the only thing that really matters. As if we didn’t know better.

      4/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:31:39 JST Paul Cantrell Paul Cantrell
      in reply to

      There are light years between (1) “I thought this code was useful, so I shared it online and slapped an OSS license on it” and (2) “We set up a foundation to fund ongoing maintenance of this critical OSS project while guaranteeing its independence.”

      The “dependency, fork, or rewrite?” question looks very, very different for (1) vs (2).

      Yet how many of us think about where any given library dependency sits on that continuum when we add a dependency? Even if we try, how can we ••tell••?

      5/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:33:29 JST Paul Cantrell Paul Cantrell
      in reply to

      I’d venture that the situation depicted in the classic and obligatory xkcd on the topic (https://xkcd.com/2347/) is rooted in the failure to distinguish (1) and (2).

      So is a lot of OSS burnout: somebody shares something cool in the spirit of (1), maybe even tries to be a good individual steward of it, and next thing you know people are beating down their door with demands and complaints as if they are (2).

      6/

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: imgs.xkcd.com
        Dependency

      2. https://media.hachyderm.io/media_attachments/files/115/237/821/059/417/794/original/6f088d5071a7574e.jpeg
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:37:12 JST Paul Cantrell Paul Cantrell
      in reply to

      Somebody (maybe it was Erin? can’t remember) proposed that we should have a menu of governance structures just as we currently have a menu of OSS licenses, crafted with the same care and granted the same importance, so that somebody looking to share code can:

      - communicate very clearly where they are on that continuum from “Here’s some cool code, maybe it’s useful” to “There is solid, sustainable human infra behind this code,” and

      - get guidance and support so that, as their project grows, it moves smoothly along that continuum of governance.

      7/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:40:03 JST Paul Cantrell Paul Cantrell
      in reply to

      That’s a really hard problem, and not one that will be solve in my ad hoc Saturday posts (or in my replies). I have no answers. I do however have one model to study, which is this org my dad helped found:

      https://www.wildernessalliance.org

      They help people set up wilderness stewardship volunteer groups. (There’s a wilderness area near you! You want to help take care of it! How do you do that? What is actually helpful?? What are models and best practices??? Where do you even start????)

      8/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 02:42:26 JST Paul Cantrell Paul Cantrell
      in reply to

      How do they do this?

      They don’t just slap some guides online and call it a day.

      They run trainings. They hold conferences. They get people talking. They do an •unimaginable• amount of work building relationships, talking to people, learning about needs, learning about successes, sharing, trying to make what works reproducible.

      It is significant ongoing human labor. That’s something we software folks (especially in OSS) have been tragically dismissive of, allergic too. We’ve got to get over it.

      /end?

      In conversation about 10 months ago permalink

      Attachments


    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:03:50 JST Paul Cantrell Paul Cantrell
      in reply to

      The longtime appeal of the BDFL (“benevolent dictator for life”) model of OSS governance comes in part from the fact that most projects naturally start there — “here’s some cool code” — and partly in our impostor-phenom-driven culture of hero worship, but…

      …it also comes from our dev culture allergy to taking human systems seriously.

      /10

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:06:40 JST Paul Cantrell Paul Cantrell
      in reply to

      The idea that having a benevolent dictator forever is actually a good idea? That’s a nonsense thought rooted in the feeling that all this human stuff •isn’t even a real problem•: mushy nonsense, female-coded and thus low-status, can’t we just build good technology all day and not think about people.

      (No, dumbass, you can’t, not if you actually want it to be good.)

      11/

      In conversation about 10 months ago permalink
    • Embed this notice
      Jenniferplusplus (jenniferplusplus@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:11:27 JST Jenniferplusplus Jenniferplusplus
      in reply to

      @inthehands i know I've suggested similar things

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:13:22 JST Paul Cantrell Paul Cantrell
      in reply to

      My dear fellow developers, is there any single phrase that makes you want to just punch someone faster than “Can’t you just…?”

      NO, WE CAN’T JUST. THIS PROBLEM IS ACTUALLY HARD, AND YOU ONLY THINK IT’S EASY BECAUSE YOU DON’T EVEN •SEE• THE PROBLEM IN THE FIRST PLACE.

      The BDFL model of OSS governance is •us• saying “Can’t you just…?”

      Sorry. We’re doing it too. Sorry to break it to you.

      12/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:13:47 JST Paul Cantrell Paul Cantrell
      in reply to
      • Jenniferplusplus

      @jenniferplusplus
      Ah! I may be thinking of something you said too!

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:15:54 JST Paul Cantrell Paul Cantrell
      in reply to
      • Kushnerin pelottava enkeli

      One of the obligatory classics on the general topic, ht @carto:

      https://mastodon.online/@carto/115237953550201658

      13/

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:19:10 JST Paul Cantrell Paul Cantrell
      in reply to
      • cratermoon

      Another classic, ht @cratermoon. At first pass, this appears to be a purely technical description of a surprising attack — and then his closing remarks focus more on the then-nascent cultural and legal context of cybersecurity concerns.

      But lurking underneath his remarks is this crucial insight: you can’t ever just trust •code• when you’re writing software; at some level, you also have to trust •people•.

      https://zirk.us/@cratermoon/115237945294118620

      14/

      In conversation about 10 months ago permalink
      Blaise Pabón - controlpl4n3 repeated this.
    • Embed this notice
      Jenniferplusplus (jenniferplusplus@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:24:00 JST Jenniferplusplus Jenniferplusplus
      in reply to

      @inthehands this is definitely my most coherent discussion of (the lack of) governance in foss
      https://jenniferplusplus.com/the-free-software-commons/

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: jenniferplusplus.com
        The free software commons
        Free and open source software has become a modern commons, but now it's vulnerable. Freedom isn't sufficient to secure it for the future.
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:28:45 JST Paul Cantrell Paul Cantrell
      in reply to
      • Jenniferplusplus

      Aha!!! This is one of the pieces I was trying and failing to think of upthread, from the always excellent @jenniferplusplus (and I’m embarrassed that I couldn’t bring it to mind earlier, sorry Jennifer):

      https://jenniferplusplus.com/the-free-software-commons/

      15/

      In conversation about 10 months ago permalink
      Blaise Pabón - controlpl4n3 repeated this.
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 03:31:11 JST Paul Cantrell Paul Cantrell
      in reply to
      • Paul_IPv6

      @paul_ipv6
      In the case of OSS, it’s very often more like “truly well-meaning person whose personal project grew large while they remained in charge of it.” Doesn’t matter; it’s always unsustainable.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul_IPv6 (paul_ipv6@infosec.exchange)'s status on Sunday, 21-Sep-2025 03:31:12 JST Paul_IPv6 Paul_IPv6
      in reply to

      @inthehands

      "benevolent dictator". just a dictator with a slick sales pitch or competent propaganda team.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 05:31:57 JST Paul Cantrell Paul Cantrell
      in reply to
      • all-inclusive gender resort

      @carol
      Something like that sure seems to be the case with Wordpress.

      In conversation about 10 months ago permalink
    • Embed this notice
      all-inclusive gender resort (carol@crabby.fyi)'s status on Sunday, 21-Sep-2025 05:31:59 JST all-inclusive gender resort all-inclusive gender resort
      in reply to

      @inthehands
      Sometimes it seems like a BDFL situation is someone getting a tiny little bit of power over their corner of the universe and not wanting to give that up, no matter the cost.

      In conversation about 10 months ago permalink
    • Embed this notice
      Jenniferplusplus (jenniferplusplus@hachyderm.io)'s status on Sunday, 21-Sep-2025 05:32:07 JST Jenniferplusplus Jenniferplusplus
      in reply to

      @inthehands I linked to an article from tidelift in that post, as part of a discussion that money is at best part of the solution, and would just exacerbate the problems in isolation.

      That link now redirects to sonar source, because they bought tidelift. I think rereading that section with that context really accentuates the point

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 05:59:54 JST Paul Cantrell Paul Cantrell
      in reply to
      • Jenniferplusplus

      @jenniferplusplus
      Ha, so true it hurts

      In conversation about 10 months ago permalink
    • Embed this notice
      Alyssa Coghlan (ancoghlan@mastodon.social)'s status on Sunday, 21-Sep-2025 06:00:42 JST Alyssa Coghlan Alyssa Coghlan
      in reply to

      @inthehands It's not the full spectrum, but https://unmaintained.tech/ at least anchors one end of that range.

      In conversation about 10 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        No Maintenance Intended
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 06:00:42 JST Paul Cantrell Paul Cantrell
      in reply to
      • Alyssa Coghlan

      @ancoghlan
      Oh, that’s good. I may actually slap this on a few projects.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Sunday, 21-Sep-2025 06:01:20 JST Paul Cantrell Paul Cantrell
      in reply to
      • Matthew Skelton

      @matthewskelton
      I’m really glad to hear people introducing the idea of stewardship in more contexts. I’m sure the word will get flattened if / as soon as it’s more widely used, but we have to keep trying anyway!

      In conversation about 10 months ago permalink
    • Embed this notice
      Matthew Skelton (matthewskelton@mastodon.social)'s status on Sunday, 21-Sep-2025 06:01:21 JST Matthew Skelton Matthew Skelton
      in reply to

      @inthehands this is superb - thank you! I find the whole concept and practice of stewardship crucial to any sensible approach to software and (well) anything really.

      Feels like something like 'continuous stewardship' is a key concept we need...

      https://speakerdeck.com/matthewskelton/continuous-stewardship-effective-humane-services-enriched-by-software-fast-flow-conf-2024-london-matthew-skelton

      In conversation about 10 months ago permalink
    • Embed this notice
      Raven667 (raven667@hachyderm.io)'s status on Sunday, 21-Sep-2025 09:48:54 JST Raven667 Raven667
      in reply to

      @inthehands Maybe one of the positive side effects of recent EU regulations on software liability will be to have these communications and make the context clear to everyone, between "this software is provided AS-IS with no warrany whatsoever" and "this software is part of a critical supply chain" so that the ecosystem of the latter is likely to set up the Foundation and related income stream for the primary maintainers, because the downstream who incorporates the software into their product is liable in the first case, but if they pay the Foundation they can shift liability to that, and in doing so provide the Foundation the resources it needs to be a steward of the software. Neat trick, if it works.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:00:46 JST Paul Cantrell Paul Cantrell
      in reply to
      • MaineC

      @mainec Interesting. Seems like many useful ideas there.

      In conversation about 10 months ago permalink
    • Embed this notice
      MaineC (mainec@fromm.social)'s status on Monday, 22-Sep-2025 05:00:47 JST MaineC MaineC
      in reply to

      @inthehands https://github.com/InnerSourceCommons/InnerSourcePatterns/blob/main/patterns/2-structured/governance-levels.md is based on that idea

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: repository-images.githubusercontent.com
        InnerSourcePatterns/patterns/2-structured/governance-levels.md at main · InnerSourceCommons/InnerSourcePatterns
        These patterns document how to apply open source principles and practices for software development within the confines of an organization - aka InnerSource. - InnerSourceCommons/InnerSourcePatterns
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:15:50 JST Paul Cantrell Paul Cantrell
      in reply to
      • Thomas 🔭🕹️

      @thomasfuchs FWIW, I did a quick scan of Ruby and JS projects on my machine (mix of client work, personal projects, student projects, and OSS stuff I have locally cloned) and got a line count of the lock files (which is a rough proxy for # of dependencies).

      Ruby was mean 72, median 37, max 671. (Rails apps tend to be in the low hundreds.)

      JS was mean 7435, median 4743, max 30225 (!!).

      Preposterously unscientific sample here, but…eyebrow-raising nonetheless.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:18:53 JST Paul Cantrell Paul Cantrell
      in reply to
      • Thomas 🔭🕹️

      @thomasfuchs
      (That ~30,000 dependency project has only 30 direct dependencies! It’s basically just react + babel + expo + firebase + jest.)

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:25:00 JST Paul Cantrell Paul Cantrell
      in reply to
      • Jens Finkhäuser
      • Timo Grün

      @jens @khoji
      I’m perpetually unconvinced that this distinction is as crisp as the Free Software folks believe it to be.

      In conversation about 10 months ago permalink
    • Embed this notice
      Jens Finkhäuser (jens@social.finkhaeuser.de)'s status on Monday, 22-Sep-2025 05:25:02 JST Jens Finkhäuser Jens Finkhäuser
      in reply to
      • Timo Grün

      @khoji @inthehands Well, the Open Source movement has always had a capitalist streak. Free Software less so.

      In conversation about 10 months ago permalink
    • Embed this notice
      Timo Grün (khoji@ieji.de)'s status on Monday, 22-Sep-2025 05:25:03 JST Timo Grün Timo Grün
      in reply to

      @inthehands
      Somehow I have a suspicion that the original concept behind FOSS wasn’t to become the bedrock foundation of surveillance capitalism.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:26:09 JST Paul Cantrell Paul Cantrell
      in reply to
      • Bradalot “:verified:”

      @bradr
      I saw a lot of unhelpful gear-grinding in the late 90s and early 00s when companies •tried• to make this conversation cross-functional without knowing how: managers jittery about whatever random thing they heard about OSS in the Gartner-world chatter, engineers angry that they can’t just use the thing that fixed the problem •now•, nobody really asking the useful questions about what the ongoing maint work of adopting or not adopting some library actually looks like.

      In conversation about 10 months ago permalink
    • Embed this notice
      Bradalot “:verified:” (bradr@infosec.exchange)'s status on Monday, 22-Sep-2025 05:26:10 JST Bradalot “:verified:” Bradalot “:verified:”
      in reply to

      @inthehands

      We should pay a lot more attention to the •human system• dependencies we’re introducing when we import a library, not just the code.

      For big-co environments: This is also a great argument for making the conversation about dependencies broadly cross-functional, and up and down the organization, rather than a silo'd intra-engineering conversation about whether to "buy or build".

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:30:04 JST Paul Cantrell Paul Cantrell
      in reply to
      • Erin Kissane
      • Jenniferplusplus
      • jack

      @jackeric @kissane @jenniferplusplus
      I will accept this.

      In conversation about 10 months ago permalink
    • Embed this notice
      jack (jackeric@beige.party)'s status on Monday, 22-Sep-2025 05:30:06 JST jack jack
      in reply to
      • Erin Kissane
      • Jenniferplusplus

      @inthehands I think the correct grammar is "Their excellences @kissane and @jenniferplusplus..." - and if that's not correct grammar then it should be

      In conversation about 10 months ago permalink
    • Embed this notice
      Wolf480pl (wolf480pl@mstdn.io)'s status on Monday, 22-Sep-2025 05:30:25 JST Wolf480pl Wolf480pl
      in reply to

      @inthehands not everyone has has the skill to do this human stuff.

      Some people find dealing with humans incredibly stressful.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:30:25 JST Paul Cantrell Paul Cantrell
      in reply to
      • Wolf480pl

      @wolf480pl
      This is why it is important to form effective teams of people with non-identical competences.

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 05:31:15 JST Paul Cantrell Paul Cantrell
      in reply to
      • Erin Kissane
      • Jenniferplusplus
      • Antonin Delpeuch

      @pintoch @kissane @jenniferplusplus
      I think having some off-the-shelf recipes is a good idea as far as it goes, but it’s at best a tool and not a whole solution. See what I wrote in the thread about the National Wilderness Stewardship Alliance and what their real work consists of. Recipes could be a great part of some larger thing along those lines.

      In conversation about 10 months ago permalink
    • Embed this notice
      Antonin Delpeuch (pintoch@mamot.fr)'s status on Monday, 22-Sep-2025 05:31:17 JST Antonin Delpeuch Antonin Delpeuch
      in reply to
      • Erin Kissane
      • Jenniferplusplus

      @inthehands @kissane @jenniferplusplus thanks for the pointers! I'd love to have your opinions on this idea I pitched some time ago: https://antonin.delpeuch.eu/posts/off-the-shelf-governance-models-for-small-foss-projects/

      In conversation about 10 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: antonin.delpeuch.eu
        Off-the-shelf governance models for small FOSS projects?
        A one-person open source project with a governance model, is that ridiculous? In this blog post I want to convince you it isn’t, and it could be key to solving widespread problems in the FOSS (Free and Open Source Software) ecosystem. The problems The free software movement is successful in many ways, but there are still annoying aspects to it. There are many situations where I feel like there is no shortage of people with goodwill, but we still fail to work together.
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 06:12:15 JST Paul Cantrell Paul Cantrell
      in reply to
      • Wolf480pl

      @wolf480pl
      That is a genuinely hard problem! And a deep problem! There should be ready assistance for those who want it!

      In conversation about 10 months ago permalink
    • Embed this notice
      Wolf480pl (wolf480pl@mstdn.io)'s status on Monday, 22-Sep-2025 06:12:16 JST Wolf480pl Wolf480pl
      in reply to

      @inthehands
      so I guess he hard part is: how do you go from 1 maintainer to 2

      In conversation about 10 months ago permalink
    • Embed this notice
      Paul Cantrell (inthehands@hachyderm.io)'s status on Monday, 22-Sep-2025 11:04:06 JST Paul Cantrell Paul Cantrell
      in reply to
      • Thomas 🔭🕹️
      • Kevin Boyd (he/him) 🇨🇦

      @kboyd @thomasfuchs
      My method would include dev dependencies. Bundler actively hides dependencies not mentioned in the lockfile from the app.

      In conversation about 10 months ago permalink
    • Embed this notice
      Kevin Boyd (he/him) 🇨🇦 (kboyd@phpc.social)'s status on Monday, 22-Sep-2025 11:04:07 JST Kevin Boyd (he/him) 🇨🇦 Kevin Boyd (he/him) 🇨🇦
      in reply to
      • Thomas 🔭🕹️

      @inthehands @thomasfuchs In the interests of fairness: do ruby apps tend to include dev dependencies at the local level, or do they lean global for that? Because that could really pad things out. (A quick check of php on my system, via composer.lock, suggests that it is somewhere in between the two you've checked, but I also have concerns that the format of each lang's lock file impedes true comparison)

      In conversation about 10 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.