Elixir Wizards

Package Management in Elixir vs. JavaScript with Wojtek Mach & Amal Hussein

Listen Later

Today on Elixir Wizards, Wojtek Mach of HexPM and Amal Hussein, engineering leader and former NPM team member, join Owen Bickford to compare notes on package management in Elixir vs. JavaScript. This lively conversation covers everything from best practices for dependency management to API design, SemVer (semantic versioning), and the dark ages of web development before package managers existed.

The guests debate philosophical differences between the JavaScript and Elixir communities. They highlight the JavaScript ecosystem's maturity and identify potential areas of improvement, contrasted against Elixir’s emphasis on minimal dependencies. Both guests encourage engineers to publish packages, even small ones, as a learning opportunity.

Topics discussed in this episode:
  • Leveraging community packages rather than reinventing the wheel
  • Vetting packages carefully before adopting them as dependencies
  • Evaluating security, performance, and bundle size when assessing packages
  • Managing transitive dependencies pulled in by packages
  • Why semantic versioning is difficult to consistently enforce
  • Designing APIs with extensibility and backward compatibility in mind
  • Using tools like deprecations to avoid breaking changes in new releases
  • JavaScript’s preference for code reuse over minimization
  • The Elixir community’s minimal dependencies and avoidance of tech debt
  • Challenges in early package management, such as global dependency
  • Learning from tools like Ruby Gems and Bundler to improve experience
  • How log files provide visibility into dependency management actions
  • How lock files pin dependency versions for consistency
  • Publishing packages democratizes access and provides learning opportunities
  • Linting to enforce standards and prevent certain bugs
  • Primitive-focused packages provide flexibility over highly opinionated ones
  • Suggestions for improving documentation and guides
  • Benefits of collaboration between programming language communities
    • Links mentioned in this episode:

    Node.js https://github.com/nodejs

    npm JavaScript Package Manager  https://github.com/npm
    JS Party Podcast https://changelog.com/jsparty
    Dashbit https://dashbit.co/
    HexPM Package Manager for Erlang https://hex.pm/
    HTTP Client for Elixir https://github.com/wojtekmach/req
    Ecto Database-Wrapper for Elixir https://github.com/elixir-ecto (Not an ORM)
    XState Actor-Based State Management for JavaScript https://xstate.js.org/docs/
    Supply Chain Protection for JavaScript, Python, and Go  https://socket.dev/
    MixAudit https://github.com/mirego/mix_audit
    NimbleTOTP Library for 2FA https://hexdocs.pm/nimble_totp/NimbleTOTP.html
    Microsoft Azure https://github.com/Azure
    Patch Package https://www.npmjs.com/package/patch-package
    Ruby Bundler to manage Gem dependencies https://github.com/rubygems/bundler
    npm-shrinkwrap https://docs.npmjs.com/cli/v10/commands/npm-shrinkwrap
    SemVer Semantic Versioner for NPM https://www.npmjs.com/package/semver
    Spec-ulation Keynote - Rich Hickey https://www.youtube.com/watch?v=oyLBGkS5ICk
    Amal’s favorite Linter https://eslint.org/
    Elixir Mint Functional HTTP Client for Elixir https://github.com/elixir-mint
    Tailwind Open Source CSS Framework https://tailwindcss.com/
    WebauthnComponents https://hex.pm/packages/webauthn_components

    Special Guests: Amal Hussein and Wojtek Mach.

    ...more
    View all episodesView all episodes
    Download on the App Store
    Elixir WizardsBy SmartLogic LLC
    • 4.9
    • 4.9
    • 4.9
    • 4.9
    • 4.9

    4.9

    22 ratings

    More shows like Elixir Wizards

    View all
    Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

    Software Engineering Radio - the podcast for professional software developers

    274 Listeners

    The Changelog: Software Development, Open Source by Changelog Media

    The Changelog: Software Development, Open Source

    284 Listeners

    Software Engineering Daily by Software Engineering Daily

    Software Engineering Daily

    621 Listeners

    Python Bytes by Michael Kennedy and Brian Okken

    Python Bytes

    215 Listeners

    Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

    Syntax - Tasty Web Development Treats

    987 Listeners

    CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

    CoRecursive: Coding Stories

    189 Listeners

    Elixir Outlaws by Elixir Outlaws

    Elixir Outlaws

    24 Listeners

    The Stack Overflow Podcast by The Stack Overflow Podcast

    The Stack Overflow Podcast

    62 Listeners

    Thinking Elixir Podcast by ThinkingElixir.com

    Thinking Elixir Podcast

    33 Listeners

    Beam Radio by Lars Wikman

    Beam Radio

    11 Listeners

    Software Unscripted by Richard Feldman

    Software Unscripted

    26 Listeners

    Oxide and Friends by Oxide Computer Company

    Oxide and Friends

    47 Listeners

    Elixir Mentor by Jacob Luetzow

    Elixir Mentor

    2 Listeners

    Risky Business with Nate Silver and Maria Konnikova by Pushkin Industries

    Risky Business with Nate Silver and Maria Konnikova

    261 Listeners

    The Pragmatic Engineer by Gergely Orosz

    The Pragmatic Engineer

    63 Listeners