Do you remember Leftpad in 2016? When a developer simply decided to unpublish the package and wreak havoc on millions of other projects? Something similar happened over the weekend.
false. Although is-promise only consists of two lines of code and only returns one boolean, the library is one of the most widely used npm packages. is-promise is found in 3.4 million projects and is used as a dependency in 766 other JS libraries.
The is-Promise Library received an update at the weekend – it should then function according to the ES module standard. Apparently something went wrong: After the update was released, projects using is-Promise in their build chain crashed. The ES module support was evidently implemented incorrectly when the library was updated. With Immediate Impact: Both smaller, private projects and some of the largest projects within the JS ecosystem were affected, including Angular, Nuxt.js,
create-react-app, AVA or Google’s Firebase tools.
Cannot compile new versions
Fortunately, the bug didn’t crash any existing projects, so there was no actual downtime. But it hindered the compilation of new versions. Just hours later, the library team rolled out an update in which they failed to fix the problems. Finally they decided to withdraw the ES module support for the time being.
The other side argues that this modularization in particular is totally valuable because it allows a task to be solved in an efficient manner with the help of a module, instead of forcing each developer to find their own solution for their respective projects.
Suitable for this: