What happens when the maintainer of a JS library downloaded 26m times a week goes to prison for killing someone with a motorcycle? Core-js just found

Adam

A reminder for many, I am sure, about the perils of relying on so much 3rd-party, unaudited and single-handedly maintained software out there. Establishing a new fork that people can trust will not be easy, if many realise at all that they need to update their dependencies.

Gummibeer

That's the reason why I do all my OSS in the Astrotomic organization, which will make it easy to hand over and keep the same repo, namespace and so on.

LividJay

Yikes. I've always tried to avoid using third-party libraries when possible. However, tight timelines and the team's inexperience in areas leave us no choice. We recently had to rip out PDFSharp since they betrayed the community with their pay model/license. We couldn't use the old version anymore because it broke as we upgraded our .NET version.