I’ll admit it. Like almost everybody in the Node community, I’m in the habit of abusing npm’s save feature:
```
npm install --save lodash
```
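The problem is, it saves the dependency in your `package.json` with a neat little caret `^` in front of the version, which tells npm that your software should automatically pick up newer releases that are supposed to be non-breaking.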
But this could be dangerous. We all know that John-David Dalton is an unstoppable robot from the future. Check the selfie:
What if he’s on a secret mission to stop Skynet by slipping a time bomb into all of our code? One of these days, he’ll make a breaking change to lodash, and the next time you `npm install`, BOOM!
Your code will break. Because he won’t increment the major version number…
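What the saved caret range admits on a later `npm install`, and which manifest entries float at all, shown as an added example that is not part of the original post. The caret rule follows npm's documented semver behaviour for plain `x.y.z` versions only; the sample manifest, its version numbers and the package names other than lodash are constructed.

```javascript
// Added example: caret-range semantics for plain "x.y.z" versions
// (no prerelease tags, no x-ranges), plus a check for floating ranges.
function parse(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Exclusive upper bound of ^base: bump the left-most non-zero component.
function caretUpperBound(base) {
  const [maj, min, pat] = base;
  if (maj > 0) return [maj + 1, 0, 0];
  if (min > 0) return [0, min + 1, 0];
  return [0, 0, pat + 1];
}

// True if `candidate` would satisfy the caret range, e.g. "^4.17.0".
function caretAllows(range, candidate) {
  const base = parse(range.replace(/^\^/, ''));
  const c = parse(candidate);
  return cmp(c, base) >= 0 && cmp(c, caretUpperBound(base)) < 0;
}

// Names of dependencies whose range is anything other than an exact version,
// i.e. entries where a later install can bring in code you never tested.
function floatingDeps(pkg) {
  const deps = { ...pkg.dependencies, ...pkg.devDependencies };
  return Object.keys(deps)
    .filter((name) => !/^\d+\.\d+\.\d+$/.test(deps[name]))
    .sort();
}

// Constructed sample manifest; "left-fixed" and "young-lib" are hypothetical.
const samplePkg = {
  dependencies: { lodash: '^4.17.0', 'left-fixed': '1.2.3' },
  devDependencies: { 'young-lib': '^0.3.1' },
};

console.log('floating:', floatingDeps(samplePkg));
console.log('^4.17.0 admits 4.99.0:', caretAllows('^4.17.0', '4.99.0'));
console.log('^4.17.0 admits 5.0.0:', caretAllows('^4.17.0', '5.0.0'));
console.log('^0.3.1 admits 0.4.0:', caretAllows('^0.3.1', '0.4.0'));
```

Every release between the saved version and the next major is accepted without review, so the guarantee rests entirely on the maintainer bumping the major number when something breaks.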