🚨 The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address.
This affects some large projects like Vue CLI where it is a dependency.
https://github.com/RIAEvangelist/node-ipc/issues/233
In the statement from the NGO they threaten legal action. Is there grounds/precedent for such a thing? Don’t you use open source code at your own risk?
im of course not a lawyer,
but id expect that there might be a diffrence between stuff breaking or not working as expected, and what sounds like intentional sabotage
In the statement from the NGO they threaten legal action. Is there grounds/precedent for such a thing? Don’t you use open source code at your own risk?
im of course not a lawyer,
but id expect that there might be a diffrence between stuff breaking or not working as expected, and what sounds like intentional sabotage