npm package node-ipc was found to contain malicious code that wipes files on disk

This page summarizes the projects mentioned and recommended in the original post on /r/node
ipc-sockets Npm tcp-sockets package-manager unix-sockets

SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • npq

    🎖safely* install packages with npm or yarn by auditing them as part of your install process

    • In any case, proactively protecting against is indeed the more difficult thing to do, but also the rarer and sort of 0 day vulnerabilities that happen. That said, I built a module called npq (see here https://github.com/lirantal/npq/) that helps me, and others, countermeasure against these sort of malicious incidents. In light of recent malicious incidents, it calls for updating some of the capabilities there (referred to as marshalls)

  • node-ipc

    A nodejs module for local and remote Inter Process Communication (IPC), Neural Networking, and able to facilitate machine learning. (by RIAEvangelist)

    • It used to overwrite files and basically destroy them. Then author changed the code and force-pushed it to remove from visible Git history on Github. So yes, it was indeed used to destroy files. https://github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • On the Weaponisation of Open Source

    5 projects | news.ycombinator.com | 18 Mar 2022

  • BIG sabotage: Famous npm package (node-ipc) deletes files to protest Ukraine war

    5 projects | /r/programming | 18 Mar 2022

  • gotta admit, gadgetbridge is awesome!

    1 project | /r/fossdroid | 2 Jun 2022

  • Any updates on Rust, and node ipc?

    1 project | /r/rust | 23 Mar 2022

  • Anonymous Takes Anti-Putin Battle to Russian People with Printer Attack to Disrupt Kremlin's Propaganda

    1 project | /r/worldnews | 21 Mar 2022