
Why did is-promise happen and what can we learn from it

Blog post from Snyk

Post Details
Author: Liran Tal
Word Count: 1,314
Language: English
Hacker News Points: 2
Summary

The is-promise incident highlights the importance of proper testing, especially end-to-end package testing, to catch breaking changes before they are released. The maintainer's swift response and post-mortem analysis demonstrate responsible maintenance practices. The incident also emphasizes the significance of semantic versioning: adding support for ES Modules required a breaking change, yet it was published as a minor update. Additionally, using Node.js LTS versions can help avoid issues caused by bleeding-edge versions, and holding back on swift upgrades is recommended to prevent similar problems. Lockfiles such as package-lock.json are not directly relevant in this case, but understanding how they work can be useful for dependency management.