Friday, March 25

Rage-quit: Coder unpublished 17 lines of JavaScript and “broke the Internet”

(credit: Photo illustration by Aurich Lawson)

It all started with a request from the developers of a messaging application to an open-source developer to change the name of a library. It ended with JavaScript developers around the world crying out in frustration as hundreds of projects suddenly stopped working—their code failing because of broken dependencies on modules that a developer removed from the repository over a policy dispute.

At the center of it all is npm, Inc., the Oakland startup behind the largest registry and repository of JavaScript tools and modules. Isaac Schlueter, npm's creator, said that the way the whole thing shook out was a testament to how well open source works—the missing link was replaced by another developer quickly. But many developers are less than elated by the fact that code they've become dependent on can be pulled out from under them without any notice.

The disruption caused by the wholesale unpublishing of code modules by their author, Azer Koçulu, was repaired in two hours, Schlueter told Ars, as other developers filled in the holes in the repository. The incident is, however, prompting Schlueter and the team at nmp Inc. to take a look at how to prevent one developer from causing so much collateral damage.

Read 21 remaining paragraphs | Comments

No comments:

Post a Comment