The developer of two popular npm packages – colors and faker – has intentionally pushed corrupting commits to their code, breaking thousands of projects that rely on them.
The reason for this act was determined to be his revolt against big commercial corporations that use free open-source software without contributing enough back. The developer’s GitHub account was removed, and users of these two packages are advised to roll back until a fix is available.
Breaking Thousands of Projects
The open-source community is one of the most underrated groups, and one that should receive support. Software enthusiasts who aim to keep the world’s resources free sacrifice their free time to develop projects that everyone then uses and takes for granted.
We see very few authors revolt against such free usage. Marak is one such author, who revolted against the unfair usage by commercial entities in the open-source world. He’s the developer of two popular npm libraries – colors and faker – which are downloaded millions of times every week and are used by thousands of projects today.
This week, many of the entities that run the colors library saw their software go into an infinite loop of printing gibberish non-ASCII characters. The same happened to users who included the faker npm library in their applications.
While many initially thought both libraries had been compromised, they later found out that the developer had intentionally spoiled them! Going by the name Marak on GitHub, the author of these two packages did so to protest against big commercial corporations that use such open-source software freely and don’t contribute much in return.
“Respectfully, I am no longer going to support Fortune 500s ( and other smaller sized companies ) with my free work. There isn’t much else to say. Take this as an opportunity to send me a six figure yearly contract or fork the project and have someone else work on it.”
For these actions, GitHub has suspended his account. This received mixed responses from the community. While some supported Marak’s stance in questioning the commercial entities, others called him foolish and irresponsible for causing trouble to thousands of mini-projects relying on his work.
While the struggle to win respect for open-source work continues, users of these two npm libraries are advised to downgrade to an earlier version of colors (e.g. 1.4.0) and faker (e.g. 5.5.3) as a temporary solution.
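
To apply the rollback advice above, a project first has to find every copy of colors or faker it installs, including copies pulled in by other dependencies. The following is an added example, not code from the article or from either package: it walks a parsed package-lock.json and reports copies newer than the versions named above. The function names and the sample lockfile are constructed for illustration.

```javascript
const PINS = new Map([["colors", "1.4.0"], ["faker", "5.5.3"]]); // versions named in the article

// Numeric major.minor.patch of a version string, ignoring any "-suffix".
const core = (v) => v.split("-")[0].split(".").map(Number);

// True when `version` is newer than `pin`, or is a suffixed build of the same core.
function isNewerThanPin(version, pin) {
  const a = core(version), b = core(pin);
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return (a[i] || 0) > (b[i] || 0);
  }
  return version !== pin;
}

// Walk lockfileVersion 2/3 ("packages") or lockfileVersion 1 (nested "dependencies").
function findUnpinned(lock) {
  const hits = [];
  const check = (name, version, where) => {
    const pin = PINS.get(name);
    if (pin && version && isNewerThanPin(version, pin)) hits.push({ name, version, where, pin });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      check(path.split("node_modules/").pop(), meta.version, path);
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        check(name, meta.version, trail + name);
        walk(meta.dependencies, trail + name + " > ");
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

// Constructed sample lockfile (not from a real project; versions are made up).
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/colors": { version: "1.4.0" },
    "node_modules/cli-tool/node_modules/colors": { version: "1.4.1" },
    "node_modules/faker": { version: "5.5.4" },
  },
};
console.log(findUnpinned(sampleLock));
```

Each reported entry shows where the copy sits in the dependency tree, so a nested copy brought in by another package is visible even when the project's own package.json already pins the older version.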