House of cards
Lessons learned from the npm fiasco: How much harm can 11 lines of JavaScript code do?
Earlier this week, many developers suffered a disruption when Azer Koçulu unpublished packages that JavaScript projects install as dependencies, including left-pad, an 11-line npm package that has been downloaded more than 575,000 times. Over a thousand software projects were affected.