{"id":1798,"date":"2022-03-21T13:00:17","date_gmt":"2022-03-21T05:00:17","guid":{"rendered":"https:\/\/tongwing.woon.sg\/blog\/?p=1798"},"modified":"2022-03-21T13:00:17","modified_gmt":"2022-03-21T05:00:17","slug":"big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war","status":"publish","type":"post","link":"https:\/\/tongwing.woon.sg\/blog\/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war\/","title":{"rendered":"BIG sabotage: Famous npm package deletes files to protest Ukraine war"},"content":{"rendered":"<p>Oh dear. Yet another <a href=\"https:\/\/tongwing.woon.sg\/blog\/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps\/\">npm author went rouge<\/a>. This time it appears that the npm package deletes files for users with Russian\/Belarus IP addresses. Time to take package pinning more seriously.<\/p>\n<blockquote><p>This week, the developer of the\u00a0popular npm package &#8216;node-ipc&#8217;\u00a0released sabotaged versions of the library\u00a0in protest of the ongoing Russo-Ukrainian War. The &#8216;node-ipc&#8217; package, which gets downloaded\u00a0over a million times\u00a0weekly, began deleting files on developer&#8217;s machines, in addition to creating new text files\u00a0with &#8220;peace&#8221; messages.<\/p><\/blockquote>\n<p>Source: <em><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war\/\">BIG sabotage: Famous npm package deletes files to protest Ukraine war<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oh dear. Yet another npm author went rouge. This time it appears that the npm package deletes files for users with Russian\/Belarus IP addresses. Time to take package pinning more seriously. This week, the developer of the\u00a0popular npm package &#8216;node-ipc&#8217;\u00a0released sabotaged versions of the library\u00a0in protest of the ongoing Russo-Ukrainian War. The &#8216;node-ipc&#8217; package, which [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,10],"tags":[],"_links":{"self":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1798"}],"collection":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/comments?post=1798"}],"version-history":[{"count":1,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1798\/revisions"}],"predecessor-version":[{"id":1799,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1798\/revisions\/1799"}],"wp:attachment":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/media?parent=1798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/categories?post=1798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/tags?post=1798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}