The Node.js Ecosystem Is Chaotic and Insecure

Casper Beyer
Mar 30, 2018
A modern web developer at work

It seems like only yesterday we had the “left-pad” fiasco where Azer Koçulu ended up pulling his packages after a name dispute.

The deletion of the code wasn’t really that dangerous in itself: it only broke builds, which everyone noticed during their build process, and the whole ordeal lasted for like two hours.