
Dispute over module name in npm registry became giant headache for developers.

by Sean Gallagher (US) - Mar 25, 2016

 

It all started with a request from the developers of a messaging application to an open source developer to change the name of a library. It ended with JavaScript developers around the world crying out in frustration as hundreds of projects suddenly stopped working—their code failing because of broken dependencies on modules that a developer removed from the repository over a policy dispute.

 

At the center of it all is npm, Inc., the Oakland startup behind the largest registry and repository of JavaScript tools and modules. Isaac Schlueter, npm's creator, said that the way the whole thing shook out was a testament to how well open source works—another developer replaced the missing link quickly. But many developers are less than elated by the fact that code they've become dependent on can be pulled out from under them without any notice.

 

Full Article
Just shows one the power of code & programming...17 lines of code may not seem like a lot but even one line can change the whole context of an application.

 

Worrying that "a developer removed from the repository" was something that was possible...if someone like that can remove something important then who knows what someone else could introduce into the repository? :(
