There has been a lot of discussion around npm and its vulnerabilities since one module was unpublished about a week ago, causing problems for lots of developers and their teams. Sindre Sorhus, a prominent developer and publisher on npm, wrote about why he thinks we need small reusable modules, like the one that was unpublished last week. You can read his thoughts on this here. You should read the whole post, but here is a snippet that sums it up.
People get way too easily caught up in the LOC (Lines Of Code). LOC is pretty much irrelevant. It doesn’t matter if the module is one line or hundreds. It’s all about containing complexity. Think of node modules as lego blocks. You don’t necessarily care about the details of how it’s made. All you need to know is how to use the lego blocks to build your lego castle. By making small focused modules you can easily build large complex systems without having to know every single detail of how everything works. Our short term memory is finite. In addition, by having these modules as modules other people can reuse them and when a module is improved or a bug is fixed, every consumer benefits.