« Oatmeal

All of this NPM bruhaha has me wondering, what does a better solution look like? NPM has always been a reason I’m wary of modern JS dev. The whole ecosystem seems contingent on NPM as its central rail — what happens when it is bought, hacked, or just flakes? I pretend that quicklisp does it better, but I am really not sure, tbh. Is a centralized package manager always going to be a or even the central point of failure for a wider ecosystem? I regularly use a bunch of different package managers across a few different languages, is one better than the other? At the end of the day is their a better model to follow?