Hacker News: arcatek

New comment by arcatek in "Package Managers à la Carte: a formal model of dependency resolution"

arcatek — Sat, 28 Feb 2026 09:23:56 +0000

It's not about the package manager, it's about the runtime. Python isn't able to support this pattern with its resolution pipeline, so package managers have to resort to do the work to dedupe versions.

By contrast Node.js has built-in capabilities that make this possible, so package managers are able to install multiple versions of the same package without that issue.

New comment by arcatek in "Next-generation AI models"

arcatek — Wed, 22 Jun 2022 10:12:37 +0000

> Huh? It queries whenever you stop typing.

That's relatively infrequently - TabNine offered me accurate completion while still writing my code, whereas with Copilot I not only have to wait for it to return the answer, I also have to hope it knows an answer. If it doesn't, too bad, lost time for nothing.

New comment by arcatek in "Monorepos in JavaScript and TypeScript"

arcatek — Thu, 02 Jun 2022 17:00:06 +0000

The article doesn't go into how to integrate TypeScript in the monorepo for development - what we do on the Yarn repository is that we point all the package.json `main` fields to the TypeScript sources, then use `publishConfig.main` to update it to the JS artifacts right before being published.

This way, we can use babel-node or ts-node to transparently run our TS files, no transpilation needed.

New comment by arcatek in "pnpm: Fast, disk space efficient package manager for JavaScript"

arcatek — Tue, 05 Apr 2022 19:12:07 +0000

> If there are clearly better algorithms, why not refactor npm and add them in experimental flags to npm

While node_modules has many flaws, in the current ecosystem all modes have their own pros and cons, and there isn't a "clearly better" algorithm: node_modules has less friction, PnP is sounder, and pnpm's symlinks attempt to be kind of an in-between, offering half the benefits at half the "cost".

Like in many computer science things, it's tradeoffs all the way. Part of why Yarn implements all three.

New comment by arcatek in "Fetch API has landed into Node.js"

arcatek — Tue, 01 Feb 2022 15:47:59 +0000

Usually you setup a transpiler to target both. For example, my packages are bundled with rollup towards both cjs & esm:

https://github.com/arcanis/clipanion/blob/master/rollup.conf...

New comment by arcatek in "Fetch API has landed into Node.js"

arcatek — Tue, 01 Feb 2022 13:37:52 +0000

However note that ESM in Node comes with drawbacks that prevent end-users from relying them in various situations. Those will be mostly solved once loaders become stable, but until then it's still advised to ship packages as both CJS and ESM.

New comment by arcatek in "Gitlab Epic Issue Relationships Deleted"

arcatek — Wed, 15 Dec 2021 13:22:50 +0000

Out of curiosity, how do transaction logs handle things like created_at fields, or randomly generated UUID, which rely on contextual data? Is the server time/rng seed faked for each replayed transaction?

New comment by arcatek in "Security issue related to the NPM registry"

arcatek — Wed, 17 Nov 2021 08:44:41 +0000

To reiterate on what sibling comments said, I'm the one who spawned the discussion and implementation of Corepack, and npm remained largely out of it; the push mostly came from pnpm and Yarn.

Additionally, unlike other approaches, Corepack ensures that package manager versions are pinned per project and you don't need to blindly install newest ones via `npm i -g npm` (which could potentially be hijacked via the type of vulnerability discussed here). It intends to make your projects more secure, not less.

New comment by arcatek in "Bitcoin is largely controlled by a small group of investors and miners"

arcatek — Wed, 27 Oct 2021 10:12:12 +0000

If they start to play with different rules, one of the hard fork remaining branches (or both) will be refused by everyone on the network and be worthless.

There's no telling whether it'd be the "hijacked" branch or the original one - assuming they control 50%+ of the mining power, there's a decent argument that the remaining miners would follow their lead if only to stay on the largest branch.

New comment by arcatek in "GitHub Actions checkspelling community workflow GitHub_TOKEN leakage via symlink"

arcatek — Thu, 09 Sep 2021 08:32:25 +0000

I was under the impression that the default temporary GITHUB_TOKEN for forked repos (which is what happens with PRs) were read-only. Isn't that the case?

https://docs.github.com/en/actions/reference/authentication-...

New comment by arcatek in "C++ Exceptions: Under the Hood (2013)"

arcatek — Fri, 13 Aug 2021 11:22:40 +0000

It's public, but I doubt it still compiles against recent LLVM versions! I started it 8 years ago to get a better understanding how features like classes & operator overload would work in a JS-like language. It was really fun!

https://github.com/castel/libcastel/blob/master/runtime/sour...

I remember that at the time there were very few resources on personality functions, even in the LLVM doc - I had to make a lot of research before finding your articles, which were extremely helpful!

I got reminded of them yesterday after someone pinged me on a Stack Overflow answer I made at the time, asking for an updated link; after I found your long-form article I figured it would be a good topic for HN as well :)

https://stackoverflow.com/questions/16597350/what-is-an-exce...

New comment by arcatek in "C++ Exceptions: Under the Hood (2013)"

arcatek — Thu, 12 Aug 2021 22:45:09 +0000

That's the article I used when I implemented exceptions in an LLVM-based compiler, so it's applicable to more than just GCC.

C++ Exceptions: Under the Hood (2013)

arcatek — Thu, 12 Aug 2021 21:17:15 +0000

Article URL: https://monkeywritescode.blogspot.com/p/c-exceptions-under-hood.html

Comments URL: https://news.ycombinator.com/item?id=28161596

Points: 115

# Comments: 111

New comment by arcatek in "ZeroVer: 0-Based Versioning"

arcatek — Thu, 12 Aug 2021 12:11:55 +0000

I know you're joking, but I worked in a startup where a massive effort was made to completely rebuild the 1.x website - both backend and frontend. It required a lot of work from everyone, and I remember we even stayed late more than a few times to bring it to finish line.

So it was a bit disheartening that the founders never bumped the version to 2.x once the rollout was achieved. It's perhaps a bit nitpicky, but it felt like the work wasn't properly appreciated.

New comment by arcatek in "Yarn 3.0"

arcatek — Sat, 31 Jul 2021 08:45:39 +0000

We don't do support on HN, but if you really don't find information in our repository issues I'm sure our Discord can help. We publish all the Yarn packages to both the npm and GitHub package registries, so I'm certain it works fine.

New comment by arcatek in "Yarn 3.0"

arcatek — Sat, 31 Jul 2021 08:43:04 +0000

That's not quite true, PnP has always been the default and we have no plans to change that. The only thing that changed is that when you migrate from v1, we automatically enable the node-modules linker.

The reason for that is that PnP tends to require recent versions of some of your dependencies, so migrating to it can be somewhat involved, and it's better experience to let you keep using the install strategy you're used to until you decide to change it yourself.

New projects, on the other hand, already use the latest versions from their dependencies, so it's a much better starting point for PnP.

New comment by arcatek in "Yarn 3.0"

arcatek — Fri, 30 Jul 2021 21:28:56 +0000

We support it once you enable the `node-modules` linker (cf our documentation). It's a little slower and doesn't leverage some of the stability improvements brought by PnP (in short, you get a good old node_modules folder without much fanciness), but you still get to benefit from all the other features and bugfixes we made since the 1.x.

New comment by arcatek in "Yarn 3.0"

arcatek — Fri, 30 Jul 2021 21:27:16 +0000

We use Yarn / VSCode / TypeScript (both to maintain Yarn and at work), so we are very invested in this use case. If something didn't work, we'd notice it quickly and the fix wouldn't take long!

New comment by arcatek in "Yarn 3.0"

arcatek — Fri, 30 Jul 2021 21:25:40 +0000

I was the main developer back when the 2.0 was started (so, like, rc.1), but since then we grew and are now a team, with at least four very active contributors of similar expertise.

I believe this is the greatest accomplishment of the v2.

New comment by arcatek in "Yarn 3.0"

arcatek — Fri, 30 Jul 2021 21:23:17 +0000

Note that we don't recommend using both Yarn and npm: both have different feature sets, heuristics, and implementation details, and as a result your colleagues and you may have slightly different behaviors in development (on top of desync'd dependency trees).

Just like no one would think of letting their developers choose whether they want to bundle their code using either Webpack or Rollup, the package manager should really be enforced at the project level, whether you choose Yarn or npm.