• @priapus@sh.itjust.works
    link
    fedilink
    78 months ago

    It does not actually wipe your disk, it just places a file on the users desktop. It seems the author originally wanted to wipe the users disk, but decided against it. Shit like this is a great reason to always pin your dependencies and do your research before upgrading them.

    • @TheAnonymouseJoker@lemmy.mlOP
      link
      fedilink
      -18 months ago

      Pretty sure the author decided to do it in the first place. That moron is the reason why I hesitate to install LITERALLY ANY NPM PACKAGE now.

  • @isleofmist@lemmy.ml
    link
    fedilink
    42 years ago

    This is terrible and node-ipc should not have done this. It’s shameful conduct by node-ipc authors.

  • @murtaza64@programming.dev
    link
    fedilink
    28 months ago

    In the statement from the NGO they threaten legal action. Is there grounds/precedent for such a thing? Don’t you use open source code at your own risk?

    • Kerb
      link
      fedilink
      38 months ago

      im of course not a lawyer,
      but id expect that there might be a diffrence between stuff breaking or not working as expected, and what sounds like intentional sabotage