Tuesday, May 17, 2022
News

GitHub developer corrupts popular open source libraries, suspended

   SocialTwist Tell-a-Friend    Print this Page   COMMENT

New Delhi | Monday, 2022 4:45:08 PM IST
A developer has corrupted a pair of popular open-source libraries on Microsoft-owned platform GitHub, leaving thousands of users stunned. The developer has since been suspended from the open-source platform.

The open source libraries -- 'faker' and 'colors' -- that thousands of users depend on, started producing gibberish data and breaking after the developer of these libraries intentionally, introduced an infinite loop that bricked thousands of projects that depend on 'colors' and 'faker', reports BleepingComputer.

While it looks like color.js has been updated to a working version, faker.js still appears to be affected.

"The 'colors' library receives over 20 million weekly downloads on software npm alone, and has almost 19,000 projects depending on it. Whereas, 'faker' receives over 2.8 million weekly downloads on npm, and has over 2,500 dependents," the report said on Sunday.

The developer, Marak Squires, introduced a malignant commit (a file revision on GitHub) to colors.js that adds "a new American flag module," as well as rolled out version 6.6.6 of faker.js, triggering the same destructive turn of events.

It left several users of popular open-source projects, such as Amazon's Cloud Development Kit, left in shock after they saw their applications print gibberish messages on their console.

These messages included the text 'LIBERTY LIBERTY LIBERTY' followed by a sequence of non-ASCII characters, according to the report.

Squires later posted an update on GitHub to address the bug, which refers to the glitchy text that the corrupt files produce.

"Please know we are working right now to fix the situation and will have a resolution shortly," he wrote.

Squires later posted a tweet, saying he has been suspended from GitHub.

GitHub was yet to make an official statement on the development.

The open-source platform is currently making headlines in India as the two controversial and derogatory 'Sulli Deals' and 'Bulli Bai' apps were created on GitHub.

The access of GitHub was with all the members of the groups behind those apps.

--IANS na/dpb

( 334 Words)

2022-01-10-10:36:03 (IANS)

 
  LATEST COMMENTS ()
POST YOUR COMMENT
Comments Not Available
 
POST YOUR COMMENT
 
 
TRENDING TOPICS
 
 
CITY NEWS
MORE CITIES
 
 
 
MORE SCIENCE NEWS
Reseachers finds imbalance between energ...
Here's how greenhouse gas emissions can ...
Bezos' Blue origin targets May 20 for ne...
Study suggests some strategies to cut me...
Research suggests soil from moon can gen...
Scientists identify how brain triages em...
More...
 
INDIA WORLD ASIA
CBI inspector fights at party, sent back...
SC to hear plea on Gyanvapi mosque compl...
Rainfall, light to heavy, to continue ov...
Fault lines widening amongst Indian Musl...
Rajasthan's Ramgarh Vishdhari Sanctuary ...
Telangana Cong to urge Rahul Gandhi to l...
More...    
 
 Top Stories
Angel Di Maria set to leave PSG for... 
Aditya Birla Group's Hindalco Ind L... 
Pakistan: PTI government local repr... 
Delhi HC dismisses plea moved by fo... 
Manakamna Group launches Home Squar... 
Hangzhou 2022 Asian Para Games post... 
Sri Lanka: Parliament rejects oppos... 
Adoption of Voice Technology crucia...