If anything it makes me hate it more, because now you have a variety of build systems, even more node_modules heaviness, and ample opportunities for supply chain attacks via opaque transpiled npm packages.
I completely agree with you, but let's not pretend that Go's dependency manager is free from supply chain attacks vulnerabilities. The whole module mirror shenanigans took a hit on my trust of Go's module management.
If anything it makes me hate it more, because now you have a variety of build systems, even more node_modules heaviness, and ample opportunities for supply chain attacks via opaque transpiled npm packages.
I completely agree with you, but let's not pretend that Go's dependency manager is free from supply chain attacks vulnerabilities. The whole module mirror shenanigans took a hit on my trust of Go's module management.
Go still has one of the best supply chain security stories of any language.
Fwiw, I compile to readable JS. No point minifying. If someone wants to use it in an app, they will do so anyway