In the open source world, I am in you and you in me.
--Inscription
An npm project has only 2 lines of code, but its applications are quite extensive. The problem was corrected on Saturday, involving a long list of Facebook, Google, and Amazon!
There is such a lethality, it is is-promise , allowing developers to see if a JavaScript object is a Promise . According to the dependency map on github, 3,445,694 libraries all use it!
A similar thing happened as early as 2016.
From:https://www.zdnet.com/article/another-one-line-npm-package-breaks-the-javascript-ecosystem/