isd changed the topic of #sandstorm to: Welcome to #sandstorm: home of all things sandstorm.io. Say hi! | Have a question but no one is here? Try asking in the discussion group: https://groups.google.com/group/sandstorm-dev | This channel is logged at: https://freenode.irclog.whitequark.org/sandstorm/
kawaiipunk has quit [Quit: Leaving this Club]
kawaiipunk has joined #sandstorm
TMM has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
TMM has joined #sandstorm
griff_ has joined #sandstorm
griff_ has quit [Ping timeout: 252 seconds]
larjona has quit [Quit: http://quassel-irc.org - Chatee cómodamente donde sea.]
larjona has joined #sandstorm
larjona has quit [Quit: http://quassel-irc.org - Chatee cómodamente donde sea.]
larjona has joined #sandstorm
xet7 has quit [Quit: Leaving]
xet7 has joined #sandstorm
TMM has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
TMM has joined #sandstorm
xet7 has quit [Read error: Connection reset by peer]
xet7 has joined #sandstorm
<kentonv> npm audit be like... "You depend on 15 different libraries that in turn depend on shitlib v0.0.2. A vulnerability has been reported in shitlib, which is patched in v6.23.19. Update?"
<JacobWeisz[m]> Packages confuse me. I honestly don't know how everything Node based hasn't come crashing down like a giant house of cards yet.
<JacobWeisz[m]> kentonv: Did you see the grain settings PR? It would be ideal to get your thoughts since it's a major UI thing.
<isd> Eh, language package managers aren't really the source of the issue, though they perhaps exacerbate it. The sheer amount of code that's running on any given machine is mind-boggling, even just stuff that's written in languages (C & C++) that don't have real package managers.
<kentonv> the grain settings thing looks neat. I don't think I have any particular opinions about it though.