Several people blamed the recent npm incidents on JS's minimal standard library. I think that's wrong: the affected packages are mostly either already covered by node or could not reasonably be in a standard library. But! I'm always taking suggestions for new stdlib features.