Does anyone have tool suggestions for manging these dependencies for legacy applications that aren't setup for webpack and similar tools. Lots of legacy sites still use things like jQuery and jquery-ui which don't work nicely in webpack without changing how your JS works. But I also don't want to be manually downloading the libraries and committing to the repo. Something like npm, but specifically for browser libraries, and it can just install the js resources straight into a "public assets" folder. Bonus if it can create a JSON file with the path to the libraries and the file hashes so we can reference them from server side code. All my attempts at npm and webpack/parcel etc fall apart with things like jquery-ui.
Edit: years ago bower fit this requirement. I'm not sure it's fit for the current state of JS libraries now though, and they seem to recommend moving away from it.
> But I also don't want to be manually downloading the libraries and committing to the repo
Why not? This is the simplest and most robust technique.
Not everything needs to be part of some nerdtastic dependency resolution architecture. The web is messy. Grab the files you need, keep them safe and move on. There are so many other problems to solve.
So an inferior version control system that works at odds with the main one that you're using to manage your repo (probably Git) and that works against anyone who's interested in what the version control system is supposed to be for?
Just commit the code to your repo. Orthogonal/overlay SCMs like NPM were a mistake—promulgated by people with serious misapprehensions not unlike those that are the target of the article linked here, i.e. those who are (still) insistent on using JS CDNs for <reasons>—ones they can't explain, but that they're sure makes it a good idea. I mean, doing it this way has got to be good for something, otherwise there wouldn't be so many people doing it this way, right?
Unfortunately not. If there is a 0 day vulnerability, or you're running an older version of a browser for a known patched issue, you may find yourself with a remote code execution, or 0 click download. Or it could be another kind of exploit, maybe your email service is vulnerable to XSS attacks. Like operating systems, browsers can have security issues too. So trusting your browser to see if a phish is really a phish is just unnecessary risk. I've worked with clients that have ended up with crypto lockers from clicking the link. Even from the IT side, I'm not going to increase the risk by opening a known phishing link to check how good it looks. If I am, it's going to be in a system that doesn't have active logins to other systems/sites, and is in easily disposed and reset. Check out all the YouTubers getting channels hacked with session stealing. Yes, they are falling for phishing attacks, but you really don't know what the attack vector is going to be. It might just be a fake login, or it could be much more sophisticated.
I've not used Toolbox that other commenters are mentioning, but there is an unofficial ppa. https://github.com/JonasGroeger/jetbrains-ppa.
I used to do basically the same thing, build our own deb packages for use in our org, and the PPA works perfectly.
This is the kind of tool I like. Not sure what kind of edge case I've hit though. Trip from Perth to Exmouth in Western Australia, leaving 1:13pm UTC+1000, ends up suggesting the wrong side.
Preferred Seating : Left Side
1250 km / 776.41 miles :14h 40m 33s
Sun Exposure Data
Left Side: 49.62%
Right Side: 7.94%
No Sun: 42.44%
Mailhardener and dmarcdigests are 2 that I've used. Dmarcdigests also has a free version through postmark that sends you a summary email weekly instead of a dashboard. I personally like mailhardener, I felt the dashboard was better and easier to understand.
