back to article How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript

Programmers were left staring at broken builds and failed installations on Tuesday after someone toppled the Jenga tower of JavaScript. A couple of hours ago, Azer Koçulu unpublished more than 250 of his modules from NPM, which is a popular package manager used by JavaScript projects to install dependencies. Koçulu yanked his …

Page:

  1. cantankerous swineherd

    kik have a patent agent on the case with their open source software?

  2. Anonymous Coward
    Anonymous Coward

    Straw Man genocide in progress

    ... this thread.

  3. joeybladb

    Wait. What?!??!

    So one day you have the source code, and the next day you DON'T have the source code?!?!? Why oh why?!?!? Is this some kind of Web Developer thing? Didn't anyone think letting others control what goes into your project might be a BAD idea? I'm at a loss here.

    Hopefully a lesson or two was learned this week!

  4. zylstra

    Roberts said: "The wording..."

    Roberts said: "The wording..." What a jackass.

  5. Pwnball

    this can be simplified alot...

    First off.. whats with all the "z n ch" etc variables? its 2017 for crying out loud, IDE's have been taking care of us for years.. there is zeros (pun intended) reason to shorten variables like that.

    function padLeft(originalValue: string, width: number, character: string) {

    character = character || '0';

    return originalValue.length >= width ? originalValue : new Array(width - originalValue.length + 1).join(character ) + originalValue;

    }

  6. Hans Acker

    kik package still unused after nearly 3 years

    Great article which I am stumbling across nearly 3 years later. It's interesting to note that Kik never did publish a package under the name that started the whole fiasco. What ever happened to the "open source project" they were working on?

    In fact, npm says this about the kik package: "This package name is not currently in use, but was formerly occupied by a popular package. To avoid malicious use, npm is hanging on to the package name, but loosely, and we'll probably give it to you if you want it."

    It'd be interesting to see an editorial follow up as to what happened to the parties involved.

  7. Not Yb Bronze badge

    Why is ANYONE still bothering to left-pad strings in javascript, when there's an entire browser's worth of formatting code already there to be used?

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like