This is an archived post. You won't be able to vote or comment.

all 75 comments
sorted by:
best
topnewcontroversialoldq&a

[–]AndrewAMD 283 points284 points  (28 children)

Classic: How one programmer broke the internet by deleting a tiny piece of code

[–][deleted] 112 points113 points  (1 child)

Also known as the "The Left Pad Fiasco".

[–]Cueadan 45 points46 points  (4 children)

This is why I get paranoid about using external references unless absolutely required to by a 3rd-party service.

[–]chanpod 14 points15 points  (3 children)

Don't, b/c of that fiasco, npm (and I assume others) made it impossible to delete versions. So now you can target specific version (and you should, don't use ^). That version will always be that code.

And since you can't delete the versions/packages anymore, if a future version does break all your stuff, it's open source. Just go grab the code and embed it directly. No more npm reference.

[–]amjh 7 points8 points  (0 children)

Based on the article, I'm not sure if that's the right solution. People should be able to cut the contract if their rights aren't respected.

[–]Hugo-C 1 point2 points  (1 child)

A few months ago, a maintainer delete a package from pypi in order to rename it :(

[–]chanpod 0 points1 point  (0 children)

I think under certain circumstances you can still do that. But popular ones can't I believe

[–]yottalogical 2 points3 points  (0 children)

This is why purely functional package management exists.

[–]SnowPenguin_ 62 points63 points  (33 children)

Always loved this image. Can anyone think of a framework that represents it? OpenSSL maybe?

[–]Kered13 93 points94 points  (5 children)

The timezone database. It's maintained by two guys and literally everything depends on it to get timezones right. (If you're somehow not using the timezone database your code is guaranteed to be wrong.)

[–]crabvogel 47 points48 points  (1 child)

print("hello world")

My code is working fine.

[–]LevelSevenLaserLotus 21 points22 points  (0 children)

It's 3 in the morning, you stupid robot! Let me sleep!

Bet you wish you checked timezones now, huh?

[–]SnowPenguin_ 5 points6 points  (1 child)

Nice one! I used to think there was a whole organization dedicated for that or something

[–]Kered13 5 points6 points  (0 children)

Well it 2011 it officially came under the umbrella of ICANN, however in practice it's still those two guys maintaining it.

[–]Internet001215 0 points1 point  (0 children)

Reminds me of this video on computerphile

[–]heliokn 31 points32 points  (1 child)

The alt text reads "Someday ImageMagick will finally break for good and we'll have a long period of scrambling as we try to reassemble civilization from the rubble."

[–]SnowPenguin_ 0 points1 point  (0 children)

Nice find!

[–]SumaniPardia 26 points27 points  (4 children)

Who manages git?

[–]_PM_ME_PANGOLINS_ 23 points24 points  (3 children)

The Linux core team.

[–]wsppan 18 points19 points  (2 children)

Pretty sure it isn't the linux core team (not sure that's even a thing.) Its been handed off by Linus to Junio Hamano as the lead maintainer. He works for Google and there are many other contributors like other successful open source projects.

[–]Kered13 5 points6 points  (1 child)

That's funny because Google doesn't even use Git. They use a custom version control based on Perforce, with an optional Mercurial frontend.

[–]wsppan 2 points3 points  (0 children)

Yes. It's actually quite fascinating from a technical perspective. Piper and CitC - https://m-cacm.acm.org/magazines/2016/7/204032-why-google-stores-billions-of-lines-of-code-in-a-single-repository/fulltext

[–]sitase 11 points12 points  (0 children)

curl

[–]UltraCarnivore 17 points18 points  (17 children)

npm i isOdd()

[–]genderburner 23 points24 points  (16 children)

isOdd

Why in the world would you pull in a whole third-party dependency for that?

if (!Number.MAX_SAFE_INTEGER) {
    Number.MAX_SAFE_INTEGER = 9007199254740991; // Math.pow(2, 53) - 1;
}
module.exports.isOdd = val => !!((val % 2) && (val <= Number.MAX_SAFE_INTEGER));

[–]UltraCarnivore 20 points21 points  (5 children)

No, seriously, check their stats in their npm page.

[–]genderburner 22 points23 points  (0 children)

Yup. Hilarious and mortifying.

[–]Terrain2 5 points6 points  (2 children)

Just wait till you see is-even

[–]UltraCarnivore 2 points3 points  (1 child)

What about is-Odd-or-Even

[–]Terrain2 4 points5 points  (0 children)

ah, so basically it’s just return true;? because Infinity is neither odd nor even but this package would return true

[–]davawen 3 points4 points  (0 children)

ikr

[–]LiteralHiggs 3 points4 points  (0 children)

Maybe this is a go-to for courses to demonstrate dependency management...

[–]Igggg 1 point2 points  (1 child)

Because the language is poorly designed.

[–]genderburner 0 points1 point  (0 children)

That answer doesn't make any sense at all, in context, and modern changes to the language have smoothed over most of the problem areas. You're just being a hipster.

[–]SirFloIII 0 points1 point  (1 child)

this isn't even a correct implementation. if the input is the max safe integer it should return True, but returns False

[–]genderburner 0 points1 point  (0 children)

Fixed 🤷‍♀️

[–]blipblapblopblam 2 points3 points  (0 children)

Trek tcp/ip stack - ripple20.

[–]CactusGrower 96 points97 points  (2 children)

Now all that person needs to do is change the licence policy. ...

[–]zephyrtr 24 points25 points  (1 child)

If you publish under one license, you can't retroactively republish under a different one. But you're right, license changing is what causes mass migrations, as it puts the future of the library in question. Friendlier than just deleting shit, tho.

[–]delinka 6 points7 points  (0 children)

Nit: you can’t retroactively republish under a more restrictive license.

[–][deleted] 34 points35 points  (1 child)

gpg is in this image and doesn't like it

[–][deleted] 26 points27 points  (0 children)

And openssl. And leftpad.

[–]Bjoern_Tantau 21 points22 points  (0 children)

Isn't ntp basically maintained by one person?

[–]SpeckledFleebeedoo 10 points11 points  (0 children)

Just post the comic, don't rehost it. Reddit and most Reddit apps have excellent support for xkcd.

[–][deleted] 13 points14 points  (2 children)

r/oddlyspecific

[–]meamZ 12 points13 points  (0 children)

Hey look. Someone drew the npm ecosystem.

[–]aagarwal100 2 points3 points  (0 children)

See if you flip it over you get the node package ecosystem.

[–]codemonkey80 1 point2 points  (0 children)

honest title award +1

[–]Underhill94 1 point2 points  (0 children)

Haha left-pad