txt.sour.is prologic@twtxt.net "@movq@www.uninformativ.de Yeah I get your points. I used to maintain hundreds of packages for the CRUX distro once upon a time, so I get it. You ..."

twtxt.net

Tue, Jan 11 08:49 2022 (2y ago)

↳ In-reply-to » Open Source Developer Intentionally Corrupts His Own Widely-Used Libraries "Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking.." reports BleepingComputer. "The developer of these libraries intentionally introduced an infinite loop that bricked thousands of projects that ... ⌘ Read more

@movq@www.uninformativ.de Yeah I get your points. I used to maintain hundreds of packages for the CRUX distro once upon a time, so I get it. Your points about having a “2nd pair of eyes” are somewhat valid, but I say that because I’ve been a maintainer myself, we don’t often do the “right” things as a maintainer and we sometimes get sloppy/lazy….

⤋ Read More