MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
npm
Search

Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps(Bleeping Computer)

Monday January 10, 2022. 04:20 PM , from LWN.net
Bleeping Computer reports
on the latest NPM mess: the developer of the 'faker' module deleted the
code and its development history from GitHub (with a force push), replaced
it with a malicious alternative, and broke dependencies for numerous
applications.

The reason behind this mischief on the developer's part appears to
be retaliation—against mega-corporations and commercial consumers
of open-source projects who extensively rely on cost-free and
community-powered software but do not, according to the developer,
give back to the community.

GitHub has evidently called this action a violation of its terms of
service and disabled the owner's account; NPM has restored a previous
version of the code.
https://lwn.net/Articles/880809/rss

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2022 Zicos / 440Network
Current Date
May, Wed 18 - 11:39 CEST