- In broad strokes, summarize the event
Kik wanted to create an NPM module named Kik for it's services. They sent a request to Koculu, maintainer of 250 NPM modules including one named Kik, to rename his module. Koculu refused. Kik went to NPM with their lawyers. NPM told Koculu to change it. Koculu pulled all his modules. Thousands of projects, including NPM, had a dependency on one of his modules, left-pad. They all broke. People cried. NPM retroactively restored it.
- How do NPM and RubyGems relate?
They both manage code sets that developers can include in their projects. The former is for JavaScript, the latter Ruby.
- What is
left-padand why is it used?
Left-pad is an NPM module that adds padding to the left of text. It's used so that developers don't need to write their own custom padding solution.
-
Gem 1 - Headshot
-
What does this Gem generally do?
- Allows easy access to a user's webcam.
-
When is the date of the last commit?
- May 4, 2015
-
How many open issues does it have? -2
-
Start looking around the source code
- Link to one piece of code or a file you understand
- https://github.com/diwadm/headshot/blob/master/lib/app/controllers/headshot_controller.rb
- What does this code do?
- Runs through a bunch of potential custom hooks and rescues with defaults for when a user snaps a photo in order to save it.
- Link to one piece of code or a file you don't understand at all?
- https://github.com/diwadm/headshot/blob/master/lib/assets/swfs/headshot.swf
- ...not sure how to even open it.
- What do you think this code might do?
- Based on the commit comment, it handles the flash end of the webcam.
- Link to one piece of code or a file you understand
-
Does it seem reasonable to add this dependency into your code?
- My flash needs a whole lot of work, so yes. But, now that I'm understanding more JavaScript, I think I can use HTML5's built in camera options in conjunction with JS to handle some of this myself.
-
Gem 2 - Shoulda-matchers
-
What does this Gem generally do?
- Allows for easy testing of rails validations.
-
When is the date of the last commit?
- February 25th, 2015
-
How many open issues does it have?
- 56
-
Start looking around the source code
- Link to one piece of code or a file you understand
- https://github.com/thoughtbot/shoulda-matchers/blob/master/lib/shoulda/matchers/active_model/validate_length_of_matcher.rb
- What does this code do?
- Validates length of a model's attribute. It checks for several parameters including minumum and checks that against a series of possible options, among other things.
- Link to one piece of code or a file you don't understand at all?
- What do you think this code might do?
- I think it creates the environment that the other methods use to test validations.
- Link to one piece of code or a file you understand
-
Does it seem reasonable to add this dependency into your code?
- Yes, it seems well maintained and used by lots of developers. Hand-rolling these methods would consume lots of time, and far outweigh the risk unless the project was large and had special requirements.
-
Gem 3 - Pry
- What does this Gem generally do?
- IRB alternative and run-time console.
- What does this Gem generally do?
-
When is the date of the last commit?
- February 26, 2016
-
How many open issues does it have?
- 143
-
Start looking around the source code
- Link to one piece of code or a file you understand
- https://github.com/pry/pry/blob/master/lib/pry.rb
- What does this code do?
- Partial understanding - it sets global configuration variables.
- Link to one piece of code or a file you don't understand at all?
- https://github.com/pry/pry/blob/master/lib/pry/repl.rb
- What do you think this code might do?
- Establishes the REPL/IRB aspects of the gem.
- Link to one piece of code or a file you understand
-
Does it seem reasonable to add this dependency into your code?
- Yes, it has been invaluable for troubleshooting
-
What are some factors you consider when adding dependencies to your projects? Honestly, it hasn't been a huge consideration thus far. Normally if it saves time or I'm not sure how to do it myself and it looks like it is being maintained regularly and used by a bunch of developers, I'll add it. I should probably reconsider that approach.