Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Jan 30 2019 15:26
    isiahmeadows commented #2363
  • Jan 30 2019 01:24
    panoply opened #2364
  • Jan 29 2019 23:50
    Bondifrench commented #2363
  • Jan 29 2019 22:17
    isiahmeadows commented #2363
  • Jan 29 2019 16:10
    tivac removed as member
  • Jan 29 2019 16:10
    tivac edited as member
  • Jan 29 2019 16:10
    pygy edited as member
  • Jan 29 2019 16:10
    barneycarroll edited as member
  • Jan 29 2019 16:10
    lhorie edited as member
  • Jan 29 2019 16:00
    isiahmeadows edited #2363
  • Jan 29 2019 15:59
    isiahmeadows opened #2363
  • Jan 29 2019 15:59
    isiahmeadows labeled #2363
  • Jan 29 2019 15:58

    isiahmeadows on isiahmeadows-patch-2

    Include both backers and sponso… (compare)

  • Jan 29 2019 15:48

    isiahmeadows on isiahmeadows-patch-2

    Mithril now accepts donations t… (compare)

  • Jan 29 2019 15:09
    isiahmeadows labeled #2362
  • Jan 29 2019 15:09
    isiahmeadows labeled #2362
  • Jan 29 2019 15:08
    isiahmeadows closed #2362
  • Jan 29 2019 15:08
    isiahmeadows commented #2362
  • Jan 28 2019 12:38
    dlepaux commented #2362
  • Jan 28 2019 12:32
    dlepaux commented #2362
Claudia Meadows
@isiahmeadows
That was discovered a week ago IUC.
@pygy I'd normally just use glob.
Stephan Hoyer
@StephanHoyer
are you ok with
<!--meta
Mithril is a modern client-side Javascript framework for building Single Page Applications.
It's small (< 8kb gzip), fast and provides routing and XHR utilities out of the box.
-->
Pierre-Yves Gérardy
@pygy
It blew up today on HN/Reddit
Claudia Meadows
@isiahmeadows
Stephan Hoyer
@StephanHoyer

or

<!--metaDescription
Mithril is a modern client-side Javascript framework for building Single Page Applications.
It's small (< 8kb gzip), fast and provides routing and XHR utilities out of the box.
-->

or such?

Claudia Meadows
@isiahmeadows
I'm good with either.
Pierre-Yves Gérardy
@pygy
@isiahmeadows That's what we use. Provided it's authored by Isaac Schuelter (isz/isaacs, the NPM founder), it is low risk, but still
That's IIRC the only runtime dep we have
Claudia Meadows
@isiahmeadows
It appears someone deleted literally all the comments of that event-stream issue between the original report and the recent one in the last 12 hours.
Barney Carroll
@barneycarroll
@isiahmeadows I'm on it
Claudia Meadows
@isiahmeadows
@pygy I would recommend against it.
As long as we keep our dependency up to date, I don't believe it'll be an issue.
Besides, its very non-trivial.
Mostly because of all the OS-specific file system bugs it papers over.
It's similar to why I always use chokidar for file watching.
Barney Carroll
@barneycarroll
TBH #2250 requires arguments
Claudia Meadows
@isiahmeadows
Like...?
Barney Carroll
@barneycarroll
There are so many things being demonstrated here, so many lines of code, so many concepts
Attribute forwarding is such a tiny detail in all that
Claudia Meadows
@isiahmeadows
@barneycarroll Would you be okay with me going with @StephanHoyer's suggestion of this flems?
Barney Carroll
@barneycarroll
Is this really a 2.0 blocker?
Claudia Meadows
@isiahmeadows
Not really.
It's milestoned post-v2, if that helps
Barney Carroll
@barneycarroll
Yeah much better
Claudia Meadows
@isiahmeadows
And would you prefer @StephanHoyer's suggestion of just a very simple example demonstrating the counter-intuitive behavior?
I considered that, but my reservation was because I got the impression from you that you wanted something that actually demonstrated a problem in practice.
Rasmus Porsager
@porsager
re: gendocs, while adding flems samples currently it was nice to get going with live update simply by using wright -e 'npm run gendocs;docs/**/*' dist/index.html
Pierre-Yves Gérardy
@pygy
@isiahmeadows re. glob, alternatively, we can freeze the deps on the current version.
Claudia Meadows
@isiahmeadows
@barneycarroll I can trim the whole thing to just have a bunch of ellipses instead, which should help.
@pygy I like that better anyways.
For smaller libraries, I prefer inexact versions, but for something that's more than just a library, that's probably not a bad idea.
Pierre-Yves Gérardy
@pygy
If a vulnerability is ever found, Github will tell us (assuming their UI improves a bit... the last time I looked into it they detected problematic packages, but did not link to the actual dep that imported it).
Claudia Meadows
@isiahmeadows
@pygy npm audit helps.
It gives you full dependency chains, too.
Updating ESLint will fix 4, updating gh-pages will fix 2, and BenchmarkJS just depends on an old Lodash version.
Really, none of this would be an issue if we had this (at least the ability to mark things as not affecting us).
Claudia Meadows
@isiahmeadows
Here's the RFC PR: npm/rfcs#18
Barney Carroll
@barneycarroll
@isiahmeadows yeah I might be getting blinded by brevity
Claudia Meadows
@isiahmeadows
I'm having trouble parsing that. Is this a go ahead?
@barneycarroll
Barney Carroll
@barneycarroll
Too tired for reasoning stuff at the moment, think I'm only good for programming :P
Claudia Meadows
@isiahmeadows
Okay. :smile:
I'll lean on @StephanHoyer then.
Stephan Hoyer
@StephanHoyer
it's midnight here.
Claudia Meadows
@isiahmeadows
Okay.
So later?
Stephan Hoyer
@StephanHoyer
I try to get some things done tomorrow
Claudia Meadows
@isiahmeadows
Okay :+1:
:wave: