Would people remove that npm install corepack from their workflow after it got back to working out of the box again? Or would they continue keeping npm install corepack in case the bundled corepack happen again?
Comments
Log in with your Bluesky account to leave a comment
Will package managers supporting Corepack keep supporting it if they feel second-class citizen? Or would they just accept Node.js will always be toxic for any package-manager-related discussions and move on?
Is it that the model doesn't work, or just that existing tools don't work? At least I am not seeing why it would not worked for Windows (or for example mise seems to work with both Windows and pnpm, though I have not used it before)
I'm afraid you're missing the point. Corepack, as a Node.js project, was both a nice UX, and a way to build a bridge between Node.js and communities that felt second-class citizen. Making *this* project succeed was part of the goal, at least for me.
Instead what was shown is pretty much the opposite, up to the point where the TSC allowed borderline harassement strategies to happen without any public repercussions. It's really a shame.
1. corepack maintainers, and some corepack users, advocate that keeping corepack bundled provides a better UX
2. some corepack users advocate that not keeping corepack bundled provides a better UX
So, yes, the npm signature thing? That's the only fix in the linked comment's release
I feel like it's frustrating because a bug like that could have happened to anyone (the npm signature thing affected more than just corepack or pnpm), but seemingly catalyzed corepack's removal 😞
It's a tough decision to make. At least from how I see it, we have corepack maintainers + some corepack users who want it bundled, and some Node.js maintainers + some corepack users who do not want it bundled. So you can't make a decision that makes everyone happy...
Comments
1. Should we make other packages managers easily available like npm
2. How do we do that, is corepack the best solution for that
I don't think many would argue against 1, but many, including corepack users, have concerns about 2 (e.g. due to the pnpm breakage).
It seems the second model just lacks promotion, and people are coupling 1 with 2 as if not supporting 2 is against 1.
The asdf plugin is not maintained by the project itself, and explicitly does not support windows: https://github.com/jonathanmorley/asdf-pnpm
1. corepack maintainers, and some corepack users, advocate that keeping corepack bundled provides a better UX
2. some corepack users advocate that not keeping corepack bundled provides a better UX
I feel like it's frustrating because a bug like that could have happened to anyone (the npm signature thing affected more than just corepack or pnpm), but seemingly catalyzed corepack's removal 😞