How one yanked JavaScript package wreaked havoc

When a developer 'unpublished' his work from the NPM JavaScript package registry, it broke dependencies for many other projects -- and highlighted the fragility of the open source ecosystem

Developers who rely on NPM, the JavaScript package registry created by the Node.js ecosystem, experienced a shock earlier this week when a small package removed from NPM unexpectedly caused many others to stop working.

The episode underscored the fact that dependencies between NPM modules remain an unsolved problem -- and legal pressure on software developers can have repercussions far beyond the obvious.

Copyright © 2016 IDG Communications, Inc.

How to choose a low-code development platform