Edit: sorry for re-stating some of your points. I'm sort of delirious with a head cold right now.
What's pretty interesting is that it could be both.
Sellers get's a return. Upon receiving returned item they check that packaging is still sealed and when it is, they send it back to amazon's fulfillment center to be sold again.
Amazon receives the item. Amazon's system (obviously) doesn't open boxes. They at the very most check the barcode, visually inspect for sealed box, and check weight.
Now the items are co-mingled with other new items
Now a buyer can receive a box of clay when they buy from an entirely different seller.
Co-mingled items allow for a ton of fraud. They also save Amazon a lot of money on logistics. They make prime shipping possible. For Amazon, the acceptable rate of fraud is very high because everyone wants to be on their marketplace (huge sales volume) and the system they use allows them to offer such value at such a low cost.
A pragmatic solution is probably "go for the DIMMs that are identified as not apparently vulnerable", if you're in a position where you have to care about this faster than t(vendors release software updates to mitigate this class of attack on your platforms).
Nope, not significant at all, you can lease a reasonable, "uberable" car for way less than $200/month (which already includes depreciation).
If the car is used on Uber for (a very conservative estimate) of 20 hours per week, ~150 hours per month, that's about $1/hour in asset costs. Let's say maintenance and what not costs another 50% of that plus another 50% of whatever, we're still talking $2/hour in asset costs, which is far less than minimum wage.
It seems like the issue here should be that rentals/hotels are discriminating based on whether someone operates as an AirBnB host or not. Other renter's who do the same without such a notable 'incident' are the same level of risk. It is quite unfair I believe that this person is unable to find a rental. Rental agencies should figure out their stance and make it clear and unilateral.
He broke the terms of his lease so he could make hundreds of dollars a night. Rental agencies aren't in the business of leasing to people with a record of violating lease agreements.
Yeah, I have several modules on NPM that are each just a single function (with unit tests!) that I'm interested in using in more than one package. "265 unique packages" could possibly be "265 short functions" on one extreme end.
To what end? It seems like the package overhead would destroy any savings in package size to be able to mix and match rather than just having a larger, more complete package.
The alternative isn't having a single more complete package, it's having a few dozens of more complete, overlapping packages that each don't fully satisfy your needs.
The overhead is negligible: running `npm install` in production is considered an anti-pattern and because of how npm's dependency resolution works each dependency can have different copies of the same (second order) dependency. The likelihood that there will be version conflicts (and thus duplication) is far smaller when there are smaller more specialised packages instead of a few big ones.
It's not about package size. Nobody cares about package size (except for frontend code but it's fairly easy to pare those deps down to the bare minimum).
Also, nearly all of jQuery's deps are development deps not needed in production. Those deps are only interesting for maintainers -- building jQuery yourself is likely the wrong thing to do. It's only necessary because jQuery doesn't yet expose its "submodules" properly.
But the packaging burden is the same, regardless of the size of the source code. There's still 265 unique dependencies for a distro to package to build jQuery from source in its entirety. That's rough.
It's not a specific package manager. It's the package manager. You use Node.js (or io.js, which is effectively the same as Node.js) to build jQuery, the Node.js package manager is NPM. jQuery is an NPM package and uses NPM's package.json to define its development dependencies.
This isn't really up to debate. There are other package managers for JS, but they aren't replacements for NPM. And no, Meteor doesn't count -- Meteor is its own strange quasi-incompatible microcosm. In fact, some projects which aren't node packages use NPM just to manage development dependencies.
I don't know how many other ways to say this: Downloading dependencies is not the job of a build system! One should be able to use npm to fetch dependencies, or get them via another means (your system package manager), and the build system shouldn't care. Coupling package managers to build systems is a mistake.
You can use any build system you want, but you need to have the build system's dependencies installed and those dependencies vary from project to project.
If you're using Makefiles, you implicitly depend on make. If you're using Grunt, you're likely implicitly depending on grunt-cli. NPM allows you to make these dependencies explicit (if the dependencies can be resolved to other NPM packages).
Heck, you can install node packages globally and be able to use them as if they were installed locally.
I don't know how many other ways to say this: what is your problem? As long as your package manager knows how to make the packages visible to node, you don't need NPM as a package manager. But you likely won't want to put all NPM packages in your package manager of choice's repository because there's a metric fuckton of them and system-level package managers have a habit of being horrendously out of date for application-level dependencies.
With regard to dependencies, every node project folder is like virtualenv. And as a matter of fact, every Python developer I know considers the system-level Python packages (i.e. those installed with apt-get or your PM of choice) a pain in the ass and only favours them if installing the package with pip would require a lot of native dev libraries (e.g. the MySQL driver or the XML/HTML packages).
The only thing making NPM a "build system" is its "npm run" command which lets you run the scripts defined in your package.json. And for many projects having a couple of aliases is all you really need and Grunt/Gulp/Make/Jake/Rake is overkill.
Either you have no idea what you are talking about or you're very bad at communicating what you take issue with.
many of those dependencies are testing related including some large dependencies for virtual dom stuff to mock the browser. Plus it uses grunt which, while I don't really like it, it does have the benefit over make that it works out of the box on windows which is something jquery has to support.
What's pretty interesting is that it could be both.
Sellers get's a return. Upon receiving returned item they check that packaging is still sealed and when it is, they send it back to amazon's fulfillment center to be sold again.
Amazon receives the item. Amazon's system (obviously) doesn't open boxes. They at the very most check the barcode, visually inspect for sealed box, and check weight.
Now the items are co-mingled with other new items
Now a buyer can receive a box of clay when they buy from an entirely different seller.
Co-mingled items allow for a ton of fraud. They also save Amazon a lot of money on logistics. They make prime shipping possible. For Amazon, the acceptable rate of fraud is very high because everyone wants to be on their marketplace (huge sales volume) and the system they use allows them to offer such value at such a low cost.