this post was submitted on 22 Jul 2023
43 points (100.0% liked)
Programming
13376 readers
1 users here now
All things programming and coding related. Subcommunity of Technology.
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I remember reading about this years ago, even affected internal Facebook dev team when it happened.
The dev was (rightfully) angry at NPM about another project and asked NPM to delist all of them. For some reason NPM at the time allowed this. I think they just had never thought about the problems it could cause before. Deployments to package managers, especially open source deployments with irrevocable licences, shouldn't be allowed to be removed. Doubly so once they're depended on. NPM's policy changed and is now more in line with that.
It affected pretty much everyone because some very popular frameworks at the time pulled left pad in transitively through other modules. Then because those popular frameworks did and most everyone was using those frameworks it broke pretty much everyone.