@dkf said in Guy brings down thousands of npm builds: @Tsaukpaetra said in Guy brings down thousands of npm builds: I'm amazed that there was a systemically enforced policy to disallow deletion of a package if it so happens that some other package happens to reference it. I'm more surprised that there isn't a check to see whether the dependency graph is a DAG. There probably is at the point of resolution in npm itself. But note that “everything” is really a meta package that points to half a dozen other packages that just hard-list everything else, built by scraping the npm registry. Which means it must be doing something DAG like somewhere because everything-registry/everything -> everything-registry/chunk0 -> list of dependencies, such that everything itself only has 5 dependencies (chunk0 through chunk4) and those individually have all the dependencies.