Looking a little bit into the future of browser apps, which will no longer use pre-compiled code (e.g. via #webpack) but fetch dependencies using #esm (ECMAScript modules): we need to shift testing environments to actually use browsers (albeit headless) as the test runner.
In addition, dependencies can be pinned (e.g. using @pikapkg's https://www.skypack.dev/), but this means dependency and security monitoring tools like @snyksec face entirely new challenges: they now need to discover dependencies directly from source files.
And what about our beloved package-lock.json? It guarantees that all dependencies *and* sub-dependencies are installed with a specific version, which ensures that everyone building and executing the code gets a specific state (see @ReproBuilds).
#ESM only pins the top-level.
It's a classic IT development: progress on one axis (improves developer UX, decreases JS payload size and time to interaction on the user side) that at the same time creates new challenges (or resurfaces old ones).
You can follow @coderbyheart.
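
The discovery problem described in the thread, sketched as an added example (not code from the thread author or from any of the tools mentioned): a scanner that pulls remote ESM specifiers straight out of source text and flags the ones without an exact version. The host `cdn.example`, the sample module, and the `name@1.2.3` pin convention are assumptions made for illustration.

```javascript
// Added example (not from the thread): find remote ESM dependencies in source text.
// Regex-based for brevity; comments or strings that look like imports will also match,
// so a production scanner would use a real JavaScript parser.
const STATIC_RE = /\b(?:import|export)\s+(?:[^'"();]*?\sfrom\s*)?['"]([^'"]+)['"]/g;
const DYNAMIC_RE = /\bimport\s*\(\s*['"]([^'"]+)['"]\s*\)/g;
// Assumption: an exact pin appears as "name@1.2.3" (optionally "@v1.2.3") in the URL path.
const EXACT_RE = /@v?\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?(?=\/|$)/;

function findRemoteImports(source) {
  const found = new Map(); // de-duplicate by specifier
  for (const re of [STATIC_RE, DYNAMIC_RE]) {
    for (const match of source.matchAll(re)) {
      const spec = match[1];
      if (!/^https?:\/\//i.test(spec)) continue; // relative path or bare specifier
      let url;
      try { url = new URL(spec); } catch { continue; } // malformed URL: skip
      found.set(spec, { url: spec, host: url.host, pinned: EXACT_RE.test(url.pathname) });
    }
  }
  return [...found.values()];
}

// Constructed sample module; cdn.example is a placeholder host.
const SAMPLE = `
import { h, render } from 'https://cdn.example/preact@10.5.5';
import { html } from "https://cdn.example/lit-html@1";
import './local.js';
export * from 'https://cdn.example/nanoid';
const lazy = () => import('https://cdn.example/chart@2.9.4/dist/chart.js');
`;

const report = findRemoteImports(SAMPLE);
for (const dep of report) console.log(dep.pinned ? 'PINNED  ' : 'FLOATING', dep.url);
```

A "PINNED" result only covers the top-level URL; whatever that module imports in turn is not visible from this source file, which is the gap compared to package-lock.json that the thread points out.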