updates for vulnerabilities and deprecations in dependencies?

[mpstaton]

Just wondering if you guys are on top of this?

╰─$ npm i
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated rollup-plugin-terser@7.0.2: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-terser
npm WARN deprecated domexception@1.0.1: Use your platform's native DOMException instead
npm WARN deprecated sourcemap-codec@1.4.8: Please use @jridgewell/sourcemap-codec instead

added 940 packages, and audited 941 packages in 1m

232 packages are looking for funding
run npm fund for details

12 vulnerabilities (6 moderate, 6 high)

[andre-dietrich]

aix ... yes, we are aware of this ... There are currently two major dependencies that might cause this warning:

• parcel the builder fails compiling, when we update the version, maybe this has changed now... but I got into serious trouble when updating the parcel-builder ... either it did not compile or if it compiles, it compiles away the opportunity to send javascript code-snippets from the elm part to the javascript part. You might find the part here in Script.ts: https://github.com/LiaScript/LiaScript/tree/development/src/typescript/liascript/service

  In case you might wonder, since elm does not support some functionality as writing to indexeddb, text to speech, dynamic loading executing code, etc. we organized this around services. The elm-part sends messages (json) via one dedicated port that addresses a certain service to the javascript world, which is executed and javascript might also answer to these service calls by replying... Since different "slides", might also dynamically create LiaScript content in scripts or different elements on different slides might also talk to each other or still execute if the user moves to the next, there is also a message-path added to these messages, so that the different elm-tasks and service calls receive each other ... If you are in development mode, you can see these messages in the console or if you set LIA.debug = true ...

• the other is Dexie.js. We are still in version two, which works absolutely fine for us, but updating does affect the DB structure of and since there are already a lot of users, I was worried to break their stored states. I know, that Dexie offers a way for migrating versions, but at the beginning we used this mechanism to store the state for one course in different versions ... I tried to address this here

[mpstaton]

Why elm?

[andre-dietrich]

There are a couple of reasons, why I prefer Elm over JavaScript/TypeScript ... I shortly described this at the elm-conference, at minute 5

https://www.youtube.com/watch?v=w_CRABsJNKA

The things where elm shines is

• handling/update of state via MVC. This is now quite complex since there are multiple "slides" that are not known to the "LiaScript-Interpreter" beforehand. The usage of scripts can generate new LiaScript-elements dynamically, such as quizzes, executable code-snippets, etc. or further nested scripts that create more deeply nested stuff.
• the type-system without nulls or anys
• the compiler with friendly messages, which allows to basically refactor the entire internal system, and if it compiles it will run...
• the time travel debugger ...
• ... and the tiny footprint compared to other systems

I tried to focus on technologies such as elixir/erlang and elm, because they all start with "e"... no, I am just kidding ... because I knew that I am going to shoot myself into the foot and I wanted to use languages and systems that prevent me from doing so. And I never regret to have used elm. I know that there have not been some major updates of the language since 2 years, but the language itself is pretty stable and mature. Since there have been some recent talks by Even Czaplicki, the creator of elm, I am pretty sure, that there is also a future as a backend language for elm too.

I am sure, that LiaScript could have been implemented also in react, vue, angular or something else, but with elm we, as a university research project, could have really fast update cycles ... by the way, here is a "short" talk, just uploaded, that describes our development journey ...

https://www.youtube.com/watch?v=q_yiLNT-3cU