This is amazing:
bleepingcomputer.com/news/secu

tl;dr:
1. a developer of a bunch of popular packages publishes new, intentionally broken versions of them as he doesn't want to support for-profit companies with his free work;
2. NPM *reverts* the packages to older versions against the developer's wishes;
3. GitHub *blocks* the developer for acting "irresponsibly".

That story again: developer blocked by for making changes to his own code.

This is why and @forgefriends are so important!

@rysiek @forgefriends worth noting that the man was also previously arrested for trying to make bombs and assaulting his partner, so careful about cheering him on as some kind of righteous martyr

abc7ny.com/suspicious-package-

someone also noted he tried to run a fundraiser with some kind of sob story about funding FOSS to fund his legal costs after that there incident where his house went on fire while he was building a bomb and his insurance refused to cover it

@rysiek @forgefriends like there's Aaron Swartz and then there's the Unabomber %)

@outie @forgefriends dragging Aaron into this is an absolutely crap move.

Nobody's cheering the developer. But him being a shitty jerk doesn't make everyone else here right. And the story should focus on the broader problem of how completely screwed dependency management is, and how Big Tech lives off of free work provided by FLOSS developers, rather than the personal history of that dude.

Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!