This is amazing:
bleepingcomputer.com/news/secu

tl;dr:
1. a developer of a bunch of popular #npm packages publishes new, intentionally broken versions of them as he doesn't want to support for-profit companies with his free work;
2. NPM *reverts* the packages to older versions against developer's wishes;
3. GitHub *blocks* the developer for acting "irresponsibly".

That story again: developer blocked by #Microsoft #GitHub for making changes to his own code.

This is why #AGPL and @forgefriends are so important!

Both npm projects were published under the MIT license. Publishing them under the #AGPL would make Big Tech not touch it with a ten foot pole, while allowing other free software projects to still use them.

When publishing a project, consider using AGPL. I use it for basically all my public code.

Just to be absolutely clear, as @Gargron noted in a separate thread, this is absolutely shitty of the developer to pull the rug from under everyone (including plenty of FLOSS projects, I'm sure) using his npm packages. A breach of trust indeed.

But for me it is also worth noting GitHub blocking a developer for changes made by him to his own projects.

Follow

@rysiek if a developer is pushing changes or code clearly meant only to break things reverting and blocking are absolutely the right thing to do

This feels like the freezepeach argument, context matters

Sign in to participate in the conversation
Cybrespace

cybrespace: the social hub of the information superhighway jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal support us on patreon or liberapay!