You mean the "I'm entitled to free stuff!" mentality? That's thanks to open sores.
>Had this been closed sourced, it would never have happened
FTFY
>companies wouldn't bother fixing it because it would cost more money and resources
Le evil capitalist corporations meme XD
RIP Open Sores
post >yfw you aren't affected because you don't touch NPM or JS in the slightest
>npm
Are you retarded? Nobody uses nodejs. Javascript = malware.
>Le evil capitalist corporations meme XD
Not evil, just lazy. You'd never believe what kind of ancient shit is found in corporate IT.
>Le evil
No, they don't want to waste money. Just how business works.
Also
>I don't know it happened so it never happened
Don't get angry if you have double digit IQ.
>companies wouldn't bother fixing it because it would cost more money and resources.
On top of that, they would optionally sell it to intelligence agencies as an intended backdoor.
>An application was be built
>Le evil capitalist corporations meme XD
Your NEET is showing (and bootlicking above all)
Companies are reactive to problems, only big tech shit can afford investment in prevention
“THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.”
Blaming others for your inability to read is uncalled for. The license makes it clear as daylight that it comes with no warranties of merchantability. Moving to closed source won’t fix your inability to read. No one cares if you choose to use proprietary libraries either. Hence:
Open Source does not force you to be lazy, that’s just a trend in the JavaScript community. Don’t blame Open Source because your community needs left-pad (just an example).
Although the project comes with no warranties, Open Source does not force you to do a bad job of project management, nor does it prevent you from writing bugs. Open Source is not your antivirus.
Had this been closed source, issues like this probably would never actually be fixed. Companies may optionally sell the exploit as a desired backdoor to intelligence agencies. You know the ins and outs of the exploit because the source is open.
Your NPM package being compromised does not mean that Open Source is compromised. You had the option to either audit or ignore the package, yet you chose to use it, which is entirely your choice.
Refrain from spreading malicious propaganda-filled blogs. Not that I expect you to listen. It’s a free world.
Honestly CI vendors could make a killing with this.
>trust in open sores projects gets hit by this
>sell a CI service to scan builds for miners
>projects that use and pass this service get to certify themselves as miner-free