This post originated from an RSS feed registered with Java Buzz by News Manager. Original Post: How one yanked JavaScript package wreaked havoc Feed Title: JavaWorld Feed URL: http://www.javaworld.com/index.rss Feed Description: JavaWorld.com: Fueling Innovation Latest Java Buzz Posts Latest Java Buzz Posts by News Manager Latest Posts From JavaWorld

Developers who rely on NPM, the JavaScript package registry created by the Node.js ecosystem, experienced a shock earlier this week when a small package removed from NPM unexpectedly caused many others to stop working.

The episode underscored the fact that dependencies between NPM modules remain an unsolved problem -- and legal pressure on software developers can have repercussions far beyond the obvious.

How the chain broke

Developer Azer Koçulu, with dozens of modules registered in his name on NPM, stated he had been advised to rename his module named "kik" after receiving a note from a lawyer at the company that makes the Kik mobile messenger product. (The makers of Kik have since published their discussion of events.)

To read this article in full or to leave a comment, please click here