108 points by 18nleung 2 hours ago | 17 comments
  • iLemming an hour ago
    First GitHub, now NPM? Oh no... That is happening, guys. Rise of the machines. I hope Jira is next and Slack follows.
  • corvad 2 hours ago
    I wonder if this is an underlying infra issue with Azure being that Github was also having issues.
    • nulltrace 2 hours ago
      We added a preflight curl against registry.npmjs.org before the install step in CI. Not surprising they went down together.
    • 2ndorderthought 2 hours ago
      I bet 10 dollars it's DNS.
    • munk-a 2 hours ago
      It's likely someone just ran npm ls -all
  • airstrike 2 hours ago
    • Raed667 an hour ago
      lots of amazon pages & search seem to be degraded as well
  • cozzyd 2 hours ago
    That's one way to fix supply chain vulnerabilities.
    • tantalor 2 hours ago
      Can't have any vulnerabilities if you don't have a supply chain
    • nine_k an hour ago
      More seriously, keeping a local cache of external npm packages, and a local artifact storage for internal npm packages looks like a wise thing to have done long ago. Might be cheaper in the long run.

      Ironically, both Nandu and Verdaccio are implemented in TypeScript and install via npm.

      (Same logic obviously applies to Python packages, Docker images, etc.)

      • hmokiguess an hour ago
        At my former job we had a private registry that was a mirror of npm’s with an approval gate for packages devs would request and it would always pin versions

        I took that for granted back then and just assumed it was standard enterprise policy

      • miohtama an hour ago
        Only if we had a turn key distributed cache, like IPFS
        • ibejoeb an hour ago
          Does IPFS support content eviction now? If not, that could go wrong really fast. You get a compromised package out there and then, I think, literally every node needs to unpin it or it remains.
        • cluckindan an hour ago
          Waiting for the BitTorrent package manager
      • XorNot an hour ago
        Caching NPM was easier when you could pull the Couchbase replicate API. Afaik that's gone and now you just have to send a bazillion http requests instead.
  • hexasquid an hour ago
    Hold the jokes until we're sure this isn't an `.unwrap()`
  • dmitrygr 9 minutes ago
    libc is still working just fine, as is the linux kernel. Mayhaps having 2000 dependencies on 3000 packages from 4000 unvetted sources was a mistake after all?
  • normie3000 2 hours ago
    Well it is owned by github.
    • cute_boi 2 hours ago
      which is owned by microslop
      • rvz 2 hours ago
        ...and proudly maintained by Microsoft's AI agents: Tay.ai, Zo, and Copilot.

        They seem to be doing a pretty good job at wrecking both GitHub and npm at the same time.

  • corvad an hour ago
    Fixed as of 22:30 UTC. Hope there's a postmortem.
  • dabinat an hour ago
  • idoxer an hour ago
    Works for me, could be region related
  • saadn92 2 hours ago
    ha, github is down too
  • simjnd 2 hours ago
  • xmprt 2 hours ago
    With all the github instability, I wonder if Cloudflare or some other provider is going to look into providing a similar service.
    • dllrr an hour ago
    • sofixa 2 hours ago
      GitLab is right there. And overall provides a better product than GitHub, if nothing else on these two points:

      * You can actually have an organisational structure (folders/namespaces), and projects can be moved around with automatic redirects. Also, inheritance of access controls, variables between the namespaces

      * GitLabCI is organised in a way that makes supply chain attacks less of a risk. GitHub Actions takes the NPM/JS approach, where every step is an action, one you usually need to get off someone, with shoddy versioning, tons of transient dependencies, etc. In GitLabCI you can have templates, but you don't have to use an external template for every bit. It's shell scripting on top of containers, so you can have custom container images with your stuff, or custom scripts, or templates that bundle it all.

      • justinclift an hour ago
        GitLab also limits the size of PRs/MRs, which makes it Unfit for Purpose. :( :( :(

        It's a problem they know about, but have no plan to fix before 2027.

        • irishcoffee an hour ago
          I mean, the PR limit is like a million characters. I would also reject a PR of a million characters. That’s bananas.
          • justinclift 26 minutes ago
            Not sure about that "million characters", but we've been bitten by it in our production systems. :(

            Thus, we're moving off GitLab.

      • fontain an hour ago
        All of those features are supported by GitHub in some form, e.g: Organizations can now belong to Enterprises.
        • dijksterhuis 6 minutes ago
          tree based directory structure stuff is available on gitlab’s free tier — so are all the permissions inheritance for groups etc.

          so, while you’re technically right, these features are paywalled heavily on github.

          ime you get more features on gitlab for the same price (or less)

  • naikrovek 2 hours ago
    Oh no. At least nothing of value is affected.

    :)

  • cute_boi 2 hours ago
    microslop slops are down.