And since javascript libraries tend to be so small and focused

Lol, LMAO even

But Windows is less secure. Two things can be true at once. They are in the original topic too.

The Java ecosystem is massive and decades old and I don’t hear one iota of the shit about maven central that I hear about npm.

I guarantee that npm is full up with vibe coded bullshit at this point as well.

I’m not sure what it even takes to upload a package to npm. Not even a pulse. I honestly never looked into it because the whole ecosystem is so rancid.

EDIT: Look at how many shits in this are optional (and note the overall quality of the article as well): https://dev.to/aneshodza/publishing-your-first-npm-library-51k2. The ecosystem sucks.