A public plea to the maintainer of npm-check.


Dear maintainer of npm-check,

I know that life is hard. I know that one likely has children, a full-time job, responsibilities with friends and family, and even with the almighty powers that rule over our lives, be that the boss, the state, the military-industrial complex, or the romantic partner.

I know that one likely has a whole life outside this two-dimensional window to the internet. However, I would appreciate it if you took a few minutes to read the following words.

In the first place, let me share the story of how our lives got entangled through the piece of software you created.

Like many of you, I’m a software developer working for a startup. My job consists of a series of ritualistic modifications of source code, with no relation to any value I can identify.

To retain sanity, I like to use tools created by fellow programmers to make my work — to put it bluntly — less painful.

In short, maybe you just created npm-check as a stepping stone in your career, but please don’t forget that it now serves as a beacon of hope to thousands of your fellow coders. I have no right to ask you for anything, but please consider your central role in this community.

At this point, there are quite a few pull requests that implement some sensible features, most of them with the utmost diligence. As you can see, there is no lack of eagerness to take a part of this burden out of your hands. All we need is your blessing and your merging privileges.

Now, I don’t want to get into the politics of open source. A lot has been said recently. There should be room here to talk about the topic in depth while keeping a mutual understanding.

Please, I beg of you, give us a sign of life. Let us know that you are still there, and that you still care. We need you.

Sincerely, the npm-check community.

What is npm-check?

For those unfamiliar, I would describe npm-check like this: It’s a command-line tool that lets you check for outdated dependencies in your JavaScript project, and update them with a single command.

Is it ethical to publicly ask the maintainer to take action?

Some might say no because it puts pressure on them, and they might not be able to do anything about it.

To show my good intentions, I wrote the following song to best express my feelings. Yes, this is real:

Open-source maintainers, be warned. You might get a song like this too.

An alternative.

I want to refer you to the beautiful library npm-check-updates.

It appears that this library is the blessed option by the open-source community; If one reads the issues and pull requests on Github, we can find several open-source celebrities. In addition, the maintainer has a very reasonable vision for the tool.

True, I would love to see some features of npm-check in npm-check-updates: Namely, a better interactive mode with links to the repos, better semver support, and a few emojis.

Sure, I could easily open a PR on npm-check-updates, or at the very least open an issue. Instead, I wrote a vague and passive-aggressive plea.

But hey, at least there’s one more song about open-source out there in the world.