Navigation
Recherche
|
Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps(Bleeping Computer)
lundi 10 janvier 2022, 16:20 , par LWN.net
Bleeping Computer reports
on the latest NPM mess: the developer of the 'faker' module deleted the code and its development history from GitHub (with a force push), replaced it with a malicious alternative, and broke dependencies for numerous applications. The reason behind this mischief on the developer's part appears to be retaliation—against mega-corporations and commercial consumers of open-source projects who extensively rely on cost-free and community-powered software but do not, according to the developer, give back to the community. GitHub has evidently called this action a violation of its terms of service and disabled the owner's account; NPM has restored a previous version of the code.
https://lwn.net/Articles/880809/rss
|
56 sources (32 en français)
Date Actuelle
ven. 26 avril - 14:06 CEST
|