node-ipc
es5-ext
Our great sponsors
node-ipc | es5-ext | |
---|---|---|
2 | 10 | |
26 | 166 | |
- | - | |
3.8 | 6.6 | |
17 days ago | about 2 months ago | |
JavaScript | JavaScript | |
MIT License | ISC License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
node-ipc
-
PSA: RIAEvangelist appears to be attempting to pretend he was hacked
For those of you not aware, Brandon Nozaki Miller (aka RIAEvangelist) decided to protest the war in Ukrainian by launching a supply chain attack. After waiting for a while it appears he has adopted a new strategy of pretending that his account was actually hacked and someone else committed this crime. He has recently started getting active again so beware.
- Drop-in fork of `node-ipc`
es5-ext
-
core-js: Don’t send funds to russia
Don't tell me he's a victim of the regime, when other library authors add banners about the war in Ukraine he does not like it https://github.com/medikoo/es5-ext/issues/116 https://github.com/mdn/content/pull/18946 and like the comments about Poland becoming “Russia Poland People's Republic” doesn't look like a victim https://github.com/medikoo/es5-ext/issues/116#issuecomment-1066989820 https://monosnap.com/file/zZl6PrsxPTCtI0qx9XH6AZSb19eX6t and like comments about “Ukraine hit Donetsk with Tochka-U” https://github.com/medikoo/es5-ext/issues/116#issuecomment-1068768522 https://monosnap.com/file/bczy9oIIMSKz48P6K4MlkttrJ5jo5C
-
Just installed Brackets 2.1.2 and my antivirus flagged a file in the Brackets install directory as malicious
P.S. if you open the file in a text editor, you can see the soyness in all it's glory. It's this little bitch, BTW
-
Malware False Positive?
It's a false positive, it's just - https://github.com/medikoo/es5-ext
-
Tell HN: Russian antivirus flags NPM package as malicious for logged message
The popular npm package es5-shim checks location on install and logs a Russian call for peace for Russian users.
Kaspersky (Russian AV) flags this file as a virus.
https://github.com/medikoo/es5-ext/blob/main/_postinstall.js
-
Kaspersky Internet Security deleted a file containing an anti-war message???
I noticed Kaspersky on my mac deleted a file and I saw that file was from a lib used in a work project. I got curious and looked at the file and it included an anti-war message..... I can't tell if Kaspersky deleted it by mistake thinking it's malware or if Kaspersky is being nefarious. The message is in Japanese but it just says "a file has been deleted" and lists the path. This is the file it deleted https://github.com/medikoo/es5-ext/blob/main/_postinstall.js
- Protestware – PR-184 for ES5-ex5
-
Embedded Malicious Code in node-ipc
Other projects adopted non-malicious approach, where they publish anti war manifests: https://github.com/medikoo/es5-ext/blob/main/_postinstall.js
- Ukraine invasion messaging is being added to popular JS libraries
-
Protestware: “peacenotwar” NPM package drops anti-war message on user's desktop
Yet another manifest found in es5-ext: https://github.com/medikoo/es5-ext/issues/116
What are some alternatives?
vue-cli - 🛠️ webpack-based tooling for Vue.js Development
protestware-list
peacenotwar - Attempts to determine if the computer its running on has an IP originating from Russia or Belarus. If it is then depending on the version of the malware either attempts to delete all files on the computer, or creates a text file on the computers desktop protesting the war in ukraine.
node-ipc - A nodejs module for local and remote Inter Process Communication (IPC), Neural Networking, and able to facilitate machine learning.
create-vue - 🛠️ The recommended way to start a Vite-powered Vue project
rfcs - Public change requests/proposals & ideation
GHSA-97m3-w2cp-4xx6
gitian-builder - Build packages in a secure deterministic fashion inside a VM
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
content - The content behind MDN Web Docs