That’s probably cause you or your packages use CoreJS. It’s basically a one man project that’s holding up the whole modern Internet infrastructure. You can look up the story online, but it was a pretty small donation request for a really relatable individual.
I guess this highly depends on package maintainers, Node already provides funding in package.json for much less invasive funding requests (and that can also be disabled) and you might also block executing the scripts during package instalation which are sometimes used for advertisement.
I think this was a lot worse in days NPM didn’t support funding, especially for projects depending on a huge number of dependencies. But I’m not that old as Node dev to tell how things were back then in reality.
Doesn’t npm have this already? I’ve definitely gotten requests for donations and various political messages when installing dependencies.
That’s probably cause you or your packages use CoreJS. It’s basically a one man project that’s holding up the whole modern Internet infrastructure. You can look up the story online, but it was a pretty small donation request for a really relatable individual.
I guess this highly depends on package maintainers, Node already provides
funding
inpackage.json
for much less invasive funding requests (and that can also be disabled) and you might also block executing the scripts during package instalation which are sometimes used for advertisement. I think this was a lot worse in days NPM didn’t supportfunding
, especially for projects depending on a huge number of dependencies. But I’m not that old as Node dev to tell how things were back then in reality.Ew, I’ll pass on node then.
That’s the reason you pass on node? Compared to all the others?
It’s the final straw.