forums, mailing lists and other tools

Thu Jan 18 12:31:49 UTC 2018

> On 18/01/18 12:14, Carsten Agger wrote:
> 
>> 2. However, I find containers to be black magic. How can you trust them
>> to be 100% free software if you don't build them yourself? I honestly
>> don't know if Debian's packaging model is a perfect fit for distributing
>> JavaScript, which is, I suppose, why people have come up with npm etc.
> 
> I don't think it is about whether Debian's model is perfect or not
> 
> Rather, it is about people taking one or more of the following shortcuts:
> 
> - they want to use build tools that don't exist in Debian because they
> are not free software (e.g. jslint, jshint)

FWIW, none of these are build tools. These are just linting tools, that people use regardless of the packaging/build. I'm personally using ESLint, which is MIT licensed.

> - they want to use other JavaScript libraries that are not free software

I understand you point in this thread in general, but using npm or not using Debian packages doesn't necessarily equals using non-free software.

> - they don't want to spend time on little things like creating a proper
> install directory for their files because they just hack on them in
> their web server directory

No developer touches a web server directory. At least not on a proper deployment workflow. This is why people use things like package.json and npm/yarn to describe dependencies in an server (and distribution) agnostic way. And then use something like Ansible for deployment.

> - maybe they don't even release or version their code because they just
> hack on it as they please

It depends. For instance projects like Discourse do version their code. If you are talking about a website, usually there is no need for versioning, especially if you are using a CI/CD workflow.

~nikos