Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
npmjs.org tells me that left-pad is not available (404 page) #4
When building projects on travis, or when searching for left-pad on npmjs.com, both will report that the package cannot be found.
Here is an excerpt from the travis build log
And here is the standard npmjs.com error page https://www.npmjs.com/package/left-pad
However, if I remove left-pad from my local npm cache and then reinstall it using npm it will happily install firstname.lastname@example.org.
@tonytamps it seems like the registry has updated weirdly
Just tried replacing the travis version of npm which is fairly old by a the latest and see what it will do
It will now tell me that there is a version 0.0.9... weird.
Will not try to install that one, though, with all the malware going around...
referenced this issue
Mar 22, 2016
#!/usr/bin/env bash curl https://gist.githubusercontent.com/azer/db27417ee84b5f34a6ea/raw/50ab7ef26dbde2d4ea52318a3590af78b2a21162/gistfile1.txt \ | sed 's/^\(.*\)$/\/\1$/' \ > ~/suspicious-packages.txt \ && npm ls --parseable \ | grep -f ~/suspicious-packages.txt
This gave me the output:
Hopefully this might help others determine how to proceed if they are relying on any of these packages.
Surely Kik could have just spent 5 seconds to realise that the NPM package had nothing to do with anything related to them. Solid effort on notifying a bunch of people as to what happened though.
Like others have said, his code can do what he wants with it, it's open source if you wish to republish then do so, rather than complain.
I don't wanna imagine what happens when tomorrow someone trademarks Lodash and wreaks havoc.
Maybe it's time to add an exclusion clause to Open Source licenses for companies like Kik?
BTW: Ask one of 80 million germans about Kik and they'll recognize a completely different company.