Small library updates affect millions of JavaScript projects

An update to a JavaScript library has affected a large portion of the JavaScript ecosystem and is said to have affected millions of projects. The issue was caused by a one-line JavaScript library, making this the second time a small JavaScript project has caused this kind of disruption.

The package that caused the problem is called is-promise. The library contains two lines of source code. Developers can use it in their projects with a one-line call that tests whether a JavaScript object is a "promise". The call returns a boolean result: true or false.

Although the package consists of only two lines of code that perform a basic check, is-promise is one of the most used JavaScript packages on npm, the standard package manager for the Node.js JavaScript environment.

According to GitHub, the library is part of more than 3.4 million projects, and 766 other JavaScript libraries depend on it.

The is-promise library was updated a few days ago to support the ES module standard, which allows it to be used as a JavaScript module, but is-promise version 2.2.0 did not conform to the corresponding ES standard.

Projects using the is-promise library began to fail because of the faulty ES support, and the effects of the error were noticed immediately because some of the largest JavaScript projects depend on the library.

Although this bug did not break existing projects, it prevented developers from building new versions of projects, including Facebook's Create React App, Google's Angular.js framework, Google's Firebase tools, and Amazon's AWS Serverless CLI.

The library's original team released an update, but it did not resolve the issue, and the team eventually removed ES support in version 2.2.2.
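One way to check whether a project has locked a copy of is-promise in the range described above (2.2.0 up to, but not including, 2.2.2), shown as an added example that is not part of the original article or the is-promise project. It assumes an npm lockfile with a `packages` map (lockfileVersion 2 or 3); the function names, the sample lockfile and the `example-*` packages are constructed for illustration.

```javascript
'use strict';

// Compare two plain "x.y.z" versions numerically; returns <0, 0 or >0.
// Assumption: no pre-release or build suffixes.
function compareVersions(a, b) {
  const pa = a.split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] - pb[i];
  }
  return 0;
}

// Scan the "packages" map of a parsed lockfile for every installed copy of
// `name` and mark those whose version v satisfies firstBad <= v < firstFixed.
function findAffected(lock, name, firstBad, firstFixed) {
  const marker = 'node_modules/';
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Keys look like "node_modules/a/node_modules/is-promise"; the last
    // "node_modules/" segment names the package installed at that path.
    const idx = path.lastIndexOf(marker);
    if (idx === -1) continue; // "" is the root project itself
    if (path.slice(idx + marker.length) !== name) continue;
    const affected = compareVersions(entry.version, firstBad) >= 0 &&
                     compareVersions(entry.version, firstFixed) < 0;
    // The parent path shows which dependency pulled this copy in.
    const via = path.slice(0, idx).replace(/\/$/, '') || '(top level)';
    hits.push({ path, version: entry.version, via, affected });
  }
  return hits;
}

// Constructed sample lockfile: three copies of is-promise, one in range.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/is-promise': { version: '2.1.0' },
    'node_modules/example-cli': { version: '4.0.0' },
    'node_modules/example-cli/node_modules/is-promise': { version: '2.2.0' },
    'node_modules/example-build/node_modules/is-promise': { version: '2.2.2' },
  },
};

for (const h of findAffected(sampleLock, 'is-promise', '2.2.0', '2.2.2')) {
  console.log(`${h.affected ? 'AFFECTED' : 'ok'} ${h.version} via ${h.via}`);
}
```

The `via` field is what matters for a transitive dependency like this one: it names the package whose own dependency range brought the affected copy into the build.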

This is the second incident in which a small JavaScript library has disrupted the JavaScript ecosystem. A similar situation occurred in March 2016 when the author of the left-pad JavaScript library decided to re-release the library, which consists of 17 lines of code, bringing thousands of projects to a halt.

As in 2016, the incident raised questions and started a discussion about the need for single-line libraries in the ecosystem.


