Package Managers and why I hate them: npm or composer

Package Managers Just Suck

They suck big time. Let me tell you how I arrived at that conclusion. First off, theoretically, package managers sound amazing. The idea of running one command sand have everything magically created for you, updated for you, compiled, without too much sweating, is truly a marvel.

package managers suck

Sure, package entire servers when you can simply run a couple of git / svn commands.

In reality, however, this is sadly not the case. Every freakin’ time I try to go back to npm to install something, either for a cordova app, or a Laravel install, or just some custom dependency, I start off following some instruction manual. npm install this, npm install that, and on I go. Until I get to a package that requires something else.

This happens every time. Documentation is very unclear most of the time. Sometimes I have to run npm install with a -g flag, somtimes –save-dev, all sort of options. And Make sure you always have the latest version of npm, unless their site is down, which happens every hour on the hour, or it’s slow, or non responsive, etc.

Communism is the Perfect Form of Government

Just like communism, package managers packatoo shall fail. Not today, not tomorrow, but one day when developers figure out that they can do installs simply by downloading libraries or git/svn-ing them to their development environments.

Just as an example, this one project, I had to install about 30 packages, but that wasn’t enough. There were dependencies like .Net framework, and python, ruby, etc. All for a one page website. Who are these idiots developing websites and making them so complicated? It’s a one page website that could have simply ran off of a simple CMS like WordPress if you really needed a CMS. It was insane.

Ah, Magento Probably Sucks Worse

It was like my old days of when I worked on a one page Magento Sucks project. What a waste. One page just to store addresses of people wishing to win an iPad, with a gigantic, full Magento install in the backend. Ridiculous!

The Dependencies

I honestly thought the whole idea of writing code is to be less dependent on crap and architect something that can easily be modified by others, pick up, learn and hit the ground running. Instead, we find that most developers who enter a new environment these days, have to re-learn a whole new flavor of development. Everything to learning a new server (nginx), backend (node), database (postgress and express), and even front end (sass, less, angular), and there are a bunch more that I haven’t listed, but they’re there. And all for what? There’s no gain in any of it. It’s all how you use the tools at hand. Nginx can be much slower than apache if not configured right, and it’s much more limited in what it can do. Same with Angular and everything else in between.

Why stick with systems that are broken? Use things that were tested over the years and can be more dependable. Things that have a much larger community.

  • I agree, i found absolutely nonsense when doing the Angular quickstart sample, npm downloaded all this dependencies that i have no idea why I even need, 100MB of crap, add to it that it recommend working with typescript , the javascript typed superset which needs a compiler (actually this one i find interesting) ..
    I kind of enjoyed the concepts that bring the frameworks and the package managers but in practice i find it excesive..

  • Fernando Tobares

    Totally agree. I spent hours looking which dependency have to install next. As you said “npm install this, npm install that”. First try to use yarn, then npm, then have to install babel, etc etc… I’m exhausted and frustrated.

  • Count me in another frustrated developer, just trying to run angular 2 for second time. Used angular-cli manually installing it npm start ng server gives me erros and the node dependencies are crazy. Can someone make things work !

    • Dissident Rage

      The Node.js ecosystem is the absolute worst. Potentially-infinite recursion, wasted time downloading multiple instances of the same versions of the same libraries, with many libraries depending on wastefully small libraries that only exist because the Node engine is missing a number of basic functionalities.

  • royalspirit

    I hate composer. I prefer to install script the way it was in the early days manually. This way you really know your installation well and know what’s in it.

    • Carl Raymond S

      Exactly. I need to deploy to my localhost to create the prototype, then deploy later to a linux box that runs cpanel. I can’t run terminal on that, so I need to know where every file goes.

    • Dissident Rage

      Yeah, installing like the early days, so you can waste space in your repository with the entire contents of a library. And there’s no way of knowing what’s in there, sure, if you ignore the fact it generates a lock file with version numbers and you can find most of your libraries and their dependencies in public repositories.

      You can keep procedural PHP 4 for yourself.

  • josh martin

    Please remove the white text on black background for the love of god.

    • lol, try to read while you scroll its better

  • Piotr Suplat

    That’s exactly why all my projects are based on Codeigniter, jQuery and various CSS frameworks (Bootstrap, UIkit, Foundation) – I have full control over what is installed, the folder of required assets is no more 50MB in the biggest project and everything works very fast, regardless if this is a simple 5-page website, or a full-blown system that talks to 3 different DB’s (MSSQL, Oracle & Postgres) and interacts with SAP via ftp connections.

    My other pet hate are the ORM’s in web development, or rather the fact how half-baked they are.
    I tried to play with Laravel (which is supposed to be ideal for big projects) and it’s Eloquent – it all worked great, and then it didn’t. If your database is particularly complex and is using plenty of views or stored procedures you have to drop out of eloquent to the basic queries. What is the f* point?!

    What happened to KISS (Keep It Simple, Stupid)? Right now it’s all about magical tools and buzz-words.

    • OH don’t get me started on codeigniter lol

      • Piotr Supłat

        CI has its faults (like everything else out there) but show me a php framework that is relatively quick to master and gives me support for Mysql, Postgres, MS SQL and Oracle out of the box, without the need to jump through fiery hoops?

    • I hate ORM too, but you should try “usmanhalalit/pixie”, it’s a query builder that does’t sucks.

      • Piotr Supłat

        Looks ok (from the docs, not actually tried it), but again this if fine if you ar building websites that are to be hosted on open-source stacks. The moment you enter any serious industry you hit SQL Server or Oracle db’s, especially if you have to interact wth internal systems.

        Also you need composer to install it – guess what the subject of this article is 🙂

        • I installed it without composer, because i hate too. Usually i don’t use SQL Server with PHP, because i prefer C# with Dapper to do its job.

  • Testify!
    these “trendy” developers know nothing about KISS, they just want to play with the new shiny thing

  • RP

    I completely agree. I hate Composer, especially when I see it being used with php. The straight forward solution is to follow standard name space dependency relationships and use a function inside spl_autoload_register(). There is really no need for all this over complexity that is added when you introduce Composer into a php project. (Here’s a tutorial
    just in case: https://www.youtube.com/watch?v=Ttgy0pIRiVQ) I cringe every time I see an app that implements Composer because if, in the composer-code, (god forbid) something is missing you can spend days trying to debug it. Luckily there are sites that remove all the Composer nonesense and provide dependencies using an autoload file that are easier to follow, but very often you have to redo all the crappy Composer-Minded gobbledygook.

  • flashpoint

    I hate it so much — Composer. especially when you have multiple versions of an application installed. Ex: PHP.

    grrr >,<

  • Miroslav Kravec

    I really HATE NodeJS/NPM, because:

    – it adds unnecessary dependency to build my project,
    – I’ve already got another build system, why introduce another one,
    – JavaScript is horrible language, and something like that shouldn’t be used for build system.

  • Jynx

    Come back to some project after only one month and all has gone to shit. Those lovely npm ERR! Spend more time googling npm and composer errors than actually developing. I wish all hipsters would die on the spot right now.