Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

releases available via npm

See original GitHub issue

I just found out that currently only the latest version of ecstatic is available via npm:

$ npm view ecstatic versions  --json
[
  "4.1.2"
]

Could you make the older versions available as well? There are a lot of libraries that are using this module and removing older version can break the build.

Issue Analytics

State:
Created 4 years ago
Reactions:49
Comments:76 (15 by maintainers)

Top GitHub Comments

49reactions

nolmancommented, May 2, 2019

It’s unclear to me why someone (not sure who) decided that old versions needed to be unpublished. Typical best practice is to leave these old vulnerable versions out and give people an advisory to update. There are people like myself who use this library in a context where the vulnerable did not impact us (only used in CI), however what did impact us was pulling the old versions from NPM and breaking all of our builds.

I appreciate this open source software, the people who make it and the time they spend in doing so. That said when people start to depend on your work it is impolite to remove it with no recommended upgrade path. Sure your time is limited, or you don’t want to maintain this library anymore, that’s okay I get it. However when you pull packages from NPM you are needlessly taking time from other people.

43reactions

Blackbaud-PaulCrowdercommented, May 2, 2019

Or perhaps backport the security fix to 3.x and 2.x so that the Internet is no longer broken. This is having ripple effects across a huge number of consumers right now.

Top Results From Across the Web

release-please - npm

Release Please automates CHANGELOG generation, the creation of GitHub releases, and version bumps for your projects. It does so by parsing your ...

Previous Releases - Node.js

Version Date V8 npm NODE_MODULE_VERSION Node.js 19.3.0 2022‑12‑14 10.8.168.21 9.2.0 111 Downloads C... Node.js 19.2.0 2022‑11‑29 10.8.168.20 8.19.3 111 Downloads C... Node.js 19.1.0 2022‑11‑14 10.7.193.20 8.19.3...

npm v9.0.0 released | GitHub Changelog

Wednesday Oct. 19th ; Wednesday Nov. 9th (General Availability) ; Wednesday Dec. 7th (~4 weeks after GA) ; Wednesday Jan. 18th (~6 weeks...

npm Releasing - Travis CI Docs

Travis CI can automatically release your npm package to npmjs.com or another npm-like registry after a successful build. By default Travis CI publishes...

Publishing on distribution channels - semantic-release

0 and make it available on the default distribution channel which is the dist-tag @latest for npm. The Git history of the repository...