cross-posted from: https://lemmy.ml/post/718565

I’m writing some javascript (for the web) for the first time in a long time and I am realizing that I would be well served by using a bit of tooling like eslint and standardjs.

I am reluctantly willing to apt install nodejs but I am not willing to use npm because of my impression that it is a fractal of yolo curl | bash philosophy which will randomly install and automatically run malware or indistinguishable-from-malware garbage I don’t want.

So, my question is: how can I install things like standardjs without using npm?

Please do not tell me that I should just use npm.

  • @blank_sl8@lemmy.ml
    link
    fedilink
    21 year ago

    The same way C programmers do: Download the source code into a local folder and include it directly from there. Then you only update it when you explicitly want to.

    You can also use npm with a package.json which requests a specific version, that way it won’t update automatically.

    Final option, which doesn’t work for all packages, is to install the corresponding node-* package from apt, because the debian developers do ship a number of frequently used node packages in the repositories. Eg, apt install node-is-wsl