Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

GitHub Developer Corrupts Popular Open-source Libraries, Suspended

Meet the voice behind Indo-Asian News Service (IANS), a storyteller navigating the currents of global events with precision and depth. Crafting narratives that bridge cultures, IANS brings you the pulse of the world in every word

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

A developer has corrupted a pair of popular open-source libraries on the Microsoft-owned platform GitHub, leaving thousands of users stunned. The developer has since been suspended from the open-source platform.

The open-source libraries – ‘faker’ and ‘colors’ – that thousands of users depend on started producing gibberish data and breaking after the developer of these libraries intentionally introduced an infinite loop that bricked thousands of projects that depend on ‘colors’ and ‘faker’, reports BleepingComputer.

While it looks like color.js has been updated to a working version, faker.js still appears to be affected.

“The ‘colors’ library receives over 20 million weekly downloads on software npm alone, and has almost 19,000 projects depending on it. Whereas, ‘faker’ receives over 2.8 million weekly downloads on npm, and has over 2,500 dependents,” the report said on Sunday.

The developer, Marak Squires, introduced a malignant commit (a file revision on GitHub) to colors.js that adds “a new American flag module,” as well as rolled out version 6.6.6 of faker.js, triggering the same destructive turn of events.

It left several users of popular open-source projects, such as Amazon’s Cloud Development Kit, left in shock after they saw their applications print gibberish messages on their console.

These messages included the text ‘LIBERTY LIBERTY LIBERTY’ followed by a sequence of non-ASCII characters, according to the report.

Squires later posted an update on GitHub to address the bug, which refers to the glitchy text produced by corrupt files.

“Please know we are working right now to fix the situation and will have a resolution shortly,” he wrote.

Squires later posted a tweet, saying he has been suspended from GitHub.

GitHub was yet to make an official statement on the development.

The open-source platform is currently making headlines in India as the two controversial and derogatory ‘Sulli Deals’ and ‘Bulli Bai’ apps were created on GitHub.

The access of GitHub was with all the members of the groups behind those apps.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic