Mastodawn

One of the strengths of Homebrew, despite it being unpopular, is being willing to break backwards compatibility when necessary.

NPM’s unwillingness to do so reflects GitHub’s: both show excessive caution that harm both security and usability.

https://nesbitt.io/2026/03/31/npms-defaults-are-bad.html

npm’s Defaults Are Bad

The npm client’s default settings are a root cause of JavaScript’s recurring supply chain security problems.

Andrew Nesbitt

Show thread

Sebastian 1d ago

@mikemcquaid Backwards compatibility is the root of all evil in computer science. Keeping a bad practice as default just because not everyone is able or willing to adapt a good practice is never a good choice.
Ask Microsoft about NTLM.