from Hacker News

Ask HN: Enterprise VuePress Deployment?

by SeaDude on 9/24/18, 4:28 PM with 3 comments

Reading about the hot mess that is Node.js (pulled-dependencies, crypto miner-embeds, etc.)...

What is the sane way to deploy a Node.js project such as VuePress in the enterprise environment?

Is there one?

How do you vet the security of packages and their dependencies?

by IloveHN84 on 9/24/18, 5:00 PM
In enterprise, I would never ever trust npm/yarn and all those projects downloading unknown libraries. In enterprise I believe the less you use JavaScript the better it is. Maybe you might want to use only jQuery but you should maybe stay on Vanilla JS.
by SeaDude on 9/24/18, 5:15 PM
@IloveHN84: Thanks for the reply. When you say "...stay on Vanilla JS.", What do you mean?
Is it possible to run VuePress on Vanilla JS or are you saying stay away from all JS except Vanilla?