To my knowledge what node implements is nearly a superset of CommonJS. It is true that a pure CommonJS implementation cannot handle many node packages due to additional features that node has added to the module descriptor, or due to use of node specific built-in packages/globals/extra properties on require, etc.
But I was under the impression that node could generally import and handle strictly conformant CommonJS packages just fine in practice.
Of course, I won't argue that many npm packages not being conformant CommonJS packages makes things difficult for non-node server-side javascript environments, since they either need to add additional node compatibility, or might need their own package repository.
> Node had to create libraries from scratch and invent a ton of non-standard things along the way to do it. Deno is built on web standards but can also leverage many of the existing Node libraries by using std/node (the Node compatibility layer) or with jspm.io, for example
Node.js is based on CommonJS [1] which defines the require() semantics for CommonJS/node.js modules as well as core libs/APIs such as JSGI (for express.js or node core http middleware) and others. When node.js was new, there were many JavaScript app server projects such as helma, v8cgi/TeaJS, and others, and CommonJS was very much a community effort.
There’s a pretty good reason, actually, and it’s exactly npm.
Because dependencies are managed so easily in Node, it makes no sense for Node core developers to implement more and more of the ever-expanding APIs offered by the browser. They’re better off spending that time tightening the system and perhaps offering low-level interfaces.
Because the application is written in Node, and it uses dependencies? If you'd prefer something not written in Node, I'm sure you can find other options.
You can use tiny modules like this with near reckless abandon in node. Due to the way node's require() works and the way the package manager installs modules locally by default (rather than system-wide), most of the FUD of using 3rd party modules in other environments simply doesn't apply in node.
Agree, i don't know why Front-End devs think that just because is the same language everything will apply as the same context. The only reason why node is installed in my machine is that i use some npm packages for my workflow.
I think they're just using Node as a JavaScript runtime. It offers a bunch of libraries, an interpreter (V8), a package manager and so on. Additionally, it's more and more likely to be in your package manager, so it's easy to install.
Basically, it's like having an NLP library for Python--it's not just for the language but for the whole ecosystem. The difference is that JavaScript as a language does not provide stuff like modules, so you have to get that from somewhere else, in this case Node.
The huge collection of modules on npm is one of the strongest factors node.js has going for it, so it makes sense for them to emphasize that they're not breaking compatibility with this in forking node.
The ESM-only packages like node-fetch are such a pain to work with in Node in a CommonJs project.
I think this forced ESM is causing a lot vulnerabilities in code base due to the pain converting projects to ESM is. I am busy enough to try to get tests pass for some new version of a package that got ESM-only.
Wished they would publish cjs and esm for packages that target Node. Fine you go ESM-only for browser only packages.
Node js has ridiculously large dependancy trees. There is is this joke that a hello world program in NodeJS is only complete when it has 200 dependancies. If one of those many npm modules has a backdoor/vulnerability then you are screwed which is not the case for other languages.
ES modules were not only issue with node. There are bunch like no Promises in std library(they are adding that though) standard library is very minimal, so not easy to make a web app without a npm package.
But why? It's a deployment nightmare to keep node updated on servers and laptops and desktops that will never, ever use node to server server-side JS, why do I need it and NPM and the whole upgrade nightmare it implies to run a random CLI utility?
reply