• priapus@sh.itjust.works
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    It does not actually wipe your disk, it just places a file on the users desktop. It seems the author originally wanted to wipe the users disk, but decided against it. Shit like this is a great reason to always pin your dependencies and do your research before upgrading them.

    • TheAnonymouseJoker@lemmy.mlOP
      link
      fedilink
      arrow-up
      5
      arrow-down
      6
      ·
      1 year ago

      Pretty sure the author decided to do it in the first place. That moron is the reason why I hesitate to install LITERALLY ANY NPM PACKAGE now.

  • isleofmist@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    3 years ago

    This is terrible and node-ipc should not have done this. It’s shameful conduct by node-ipc authors.

  • murtaza64@programming.dev
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    In the statement from the NGO they threaten legal action. Is there grounds/precedent for such a thing? Don’t you use open source code at your own risk?