Thanks! I was hoping someone else had replicated the registry so I didnt have to
06.03.2026 00:11
π 1
π 0
π¬ 0
π 0
Thanks! I was hoping someone else had replicated the registry so I didnt have to
Yeah I see how the downloads dont seem to add up if you just walk the reported dependents
packages.ecosyste.ms/registries/n...
I got replies before from folks suggesting how they have or would do this, I pinged @andrewnez.bsky.social from ecosyste.ms who might know more!
@andrewnez.bsky.social can you help point to the correct way to do with? can ecosyste.ms do it?
ooph yeah idk, my query reports it would scan 48 TB, so almost $300 to run it once
lemme see if I am still set up to pull this info easily without spending money lol
I spent like 3k by accident doing some queries which were similar to these, but not the same.
Whatβs the package btw?
Yep, this repo shows the queries I used
Be warned though BigQuery get expensive fast, Id suggest making these queries on an account with no credit card attached lol
Or otherwise restrict the query to processing 1TB of data (which I think is the free usage threshold)
someoneβs gotta monitor the situation
Kind of brilliant for an agentβs mascot to be a type of bug itself if you mentally squint
Okay so adding cache to the list of github actions feature surface to always be terrified of
adnanthekhan.com/posts/clinej...
belt-and-suspenders
It's not just lodash, to be clear, it seems like a lot of packages are having a pretty sharp increase this week
calling out lodash bc of the big number milestone
we all know npm stats are a blunt metric, and a rising tide of JS continuing to eat the world lifts all boats
but got damn π
does anyone have stats about how npm downloads in general grow YoY?
lodash just had its first ever 100M+ download week on npm
that's a 70% YoY increase
its frustrating that the remote claude code env is missing some tools.
For me its the missing gh cli that really hurts, for reading issues/PRs or otherwise doing read against GH
So I created this StartSession script which ensures it is installed in remote sessions
www.npmjs.com/package/@jon...
Some (world is large) people have been getting angry with Anthropic lately and see requesting clawdbot change its name as another user hostile action
Which is wild to me, it is so clearly infringing
Same folks have been mad they prevented 3rd party agent harnesses using claude subscription auth
i do like the computer
Do you mean domains as orgs ala namespace? Do you have thoughts on how domain takeover risk would playout here (ala expiry, reregister)
I know in ATP domain takeover !== account takeover, just handle. But if you mean domains as namespaces, then I dont know enough about ATP to see past the risk
*pre-npm registry as in before it became the defacto place for JS code to be distributed
In my OSS archaelogy efforts I keep bumping into the defunct Component.js pre-npm registry and UI framework paradigm
Just found this video explainer from their homepage focusing on the ui component runtime system, really capturing a point in time
www.youtube.com/watch?v=gtz7...
Maybe it was the aws outage today?
For sure, Ive tried to recreate the API calls from the site, but the feed it shows is by latest published now it seems
My use case is here, but my expensive query was a modified version of what is in the readme
github.com/jonchurch/to...
I know @e18e.dev has mirrored some data, what are yall doing to query the ecosystem relationships?
I got most of what I wanted for a specific package, but npm registry data access just doesnt exist anymore and has been lacking for a long time.
This bigquery dataset is still the best way I know to do this, and it still doesnt give me everything I need.
Im asking for a goodwill credit π€as I just didnt realize running my simple focused query less than 10 times could spend that
But ultimately thereβs no good way to do this research today that Im aware of
I spent almost $3k on Google BigQuery by accident while exploring dependency relationships in the deps.dev dataset
WOOF
I need to process whatever all I signed up for
Aye, what Ive been working on is a change monitor.
Takes a list of packages to watch, alerts when any changes occur at the registry. Maintainers add/rm, version add/rm, dist tag changes, lifecycle scripts change between versions etc
To solve for knowing if any of your pkgs had a sneaky publish