react-native: Install Fails - left-pad@0.0.3 is no longer on npm

One of the dependencies in react-native (currently looking into which one - will post back here when I figure it out) depends on left-pad@0.0.3. 15 minutes ago (as of the writing of this issue) left-pad updated to 0.0.9 and they seem to have removed 0.0.3 from npm: https://www.npmjs.com/package/left-pad

This results in the following error when simply running npm i react-native:

npm ERR! No compatible version found: left-pad@0.0.3
npm ERR! Valid install targets:
npm ERR! 0.0.9

😞

About this issue

Original URL
State: closed
Created 8 years ago
Reactions: 58
Comments: 20 (4 by maintainers)

Most upvoted comments

For everyone giving +1: https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comments

[Note by @vjeux: I deleted all the +1 comments to make this issue easier to follow]

+35

knpwrs on Mar 22, 2016

Makes you wonder what was in versions 0.0.4-0.0.8…

+30

macavity23 on Mar 22, 2016

FYI: The library in question fits in a tweet (https://twitter.com/the_kenny/status/712414574658588672). Maybe people should finally start to think about what deserves to be an external dependency and what not.

+23

the-kenny on Mar 22, 2016

Kinda ironic considering the entire package is:

module.exports = leftpad;

function leftpad (str, len, ch) {
  str = String(str);
  var i = -1;
  ch || (ch = ' ');
  len = len - str.length;

  while (++i < len) {
    str = ch + str;
  }

  return str;
}

+21

findmory on Mar 22, 2016

This issue is also discussed here, but a workaround is to add this to your package.json:

"left-pad": "git://github.com/azer/left-pad.git#bff80e3ef0db0bfaba7698606c4f623433d14355"

+12

dimitriwalters on Mar 22, 2016

just to be clear this also means react-native init <projectName> fails as well

+11

findmory on Mar 22, 2016

npm republished that version: https://twitter.com/seldo/status/712414400808755200

+10

vjeux on Mar 22, 2016

Author has pulled his packages from NPM. See https://medium.com/@azerbike/i-ve-just-liberated-my-modules-9045c06be67c#.y64upds2r

+10

samwgoldman on Mar 22, 2016

I’ve published Babel 6.7.2 and 5.8.38 to fix this. The ranges in package.json are fine but the shrinkwrap will need to be updated.

sebmck on Mar 22, 2016

Tracing backwards through the dependencies, Babel indirectly depends on left-pad. So basically that guy broke a ton of the JS ecosystem by indirectly breaking Babel (people reading this – take note, probably not the best idea).

Once Babel republishes their packages as either a patch or minor version update, npm will automatically get the latest version of Babel with the fix.

Shrinkwrap wouldn’t have helped because the author outright deleted the package from npm, so there’s not much we could have done in this situation other than to statically ship the dependencies with react-native. Perhaps npm will come up with a better story around this – ex: making it so that packages stay up for 24 hours and print a big warning about a pending removal if you try to install an unpublished version.

ide on Mar 22, 2016

npm install plus-one@0.0.3

npm ERR! No compatible version found: plus-one@0.0.3
npm ERR! Valid install targets:
npm ERR! 0.0.9

bennidhamma on Mar 22, 2016

User @azer mentions in his post that he would be glad to hand over ownership of a module—I’m assuming that means it’s also OK to republish the module on NPM. Since this is such an extremely simple module, perhaps someone could take it over and republish 0.0.3? That might help lots of people avoid the extra work to fix this.

msikma on Mar 22, 2016

damn!!! the same issue but with Ember. Can’t deploy to heroku anymore 😦

Blackening999 on Mar 22, 2016