JS Party: JavaScript, CSS, Web Development
Technology
Darcy Clarke, former GitHub Staff Engineering Manager and founder of vlt, joins us to discuss a major bug in the npm ecosystem that he recently disclosed. We cover the bug’s timeline, nuances, and impact, all while setting some important context on npm packages, clients, and registries. Tune in to learn how to protect your codebase and gain a deeper understanding of this crucial part of the JavaScript ecosystem.
Leave us a comment
Changelog++ members save 2 minutes on this episode because they made the ads disappear. Join today!
Sponsors:
Featuring:
Show Notes:
Something missing or broken? PRs welcome!
Timestamps:
(00:00) - It's party time, y'all
(00:40) - Welcoming Darcy
(02:56) - A massive bug
(05:04) - Ecosystem overview
(09:30) - But why?
(13:58) - Verdaccio
(16:46) - Why is this so broken
(27:38) - Timeline of the bug
(41:40) - Blog post feedback
(43:45) - Why, GitHub, why?!
(45:12) - Sponsor: Changelog News
(46:44) - How do we dig ourselves out
(53:14) - What the early days were like
(55:03) - What's next for Darcy
(57:25) - vlt (Volt)
(59:45) - Closing time!
(1:01:57) - Next up on the pod
Create your
podcast in
minutes
It is Free