Open source developer corrupts widely-used libraries, affecting tons of projects
Illustration by Alex Castro / The Verge
A developer appears to have purposefully corrupted a pair of open-source libraries on GitHub and software registry npm — “faker.js” and “colors.js” — that thousands of users depend on, rendering any project that contains these libraries useless, as reported by Bleeping Computer. While it looks like color.js has been updated to a working version, faker.js still appears to be affected, but the issue can be worked around by downgrading to a previous... Читать дальше...