Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps

This page summarizes the projects mentioned and recommended in the original post on /r/webdev

  • colors.js

    get colors in your node.js console

    GitHub did not revert code (go check the repo https://github.com/Marak/colors.js/commit/6bc50e79eeaa1d87369bb3e7e608ebed18c5cf26). Npmjs did with both faker and colors. This is in their policy and has been the procedure in many instances of malicious updates (e.g. left-pad, uaparser, and many more).

  • faker.js

    Discontinued. Generate massive amounts of fake data in the browser and node.js [Moved to: https://github.com/faker-js/faker] (by faker-js)

    For anyone needing it, here's the community maintained version of faker.js

  • aws-cli

    Universal Command Line Interface for Amazon Web Services

    What makes GitHub's actions shitty? Marak's colors had 22 million downloads, including aws-cli. Blanking out a large repository like that, without so much as a warning, is irresponsible and choosing to partake in conspiracy theories is even more so.

  • uvloop

    Ultra fast asyncio event loop.

    Take a look at these guys: https://github.com/MagicStack They are a consultancy that obviously can make good stuff, their libraries are widely used by the Python community. This is how I would monetize your library honestly. It is a source of trust that can unlock other opportunities that would be much harder to obtain without it.
