Weeknotes 2022/2 - Chores, and the colors / faker incident
About the colors / fakerjs incident
Node community got reminded once more about this problematic situation when the maintainer of colors and faker libraries decided to publish malicious versions of the packages as a political statement. NPM has already had experiences of this since the leftpad incident so they swiftly reinstated the original package. GitHub assumed the user account was hacked as the users behaviours were abormal so they locked the account and it immediately got mixed reactions among the community as people thought they were somehow censoring the author. This lead people to call out for boycotting GitHub and looking for more decentralized solutions for code hosting.
People familiar with the author soon pointed out that he had previously voiced multiple times concerns of big corporations using his (open sourced) work for free. This lead people to blame the situation on the lack of sustainable monetization in important open source projects.
Meanwhile, others pointed out that the author had also been struggling with mental issues for a long time without getting proper help. He had also recently been posting some far out conspiracy theories and stuff like that on his social media profiles. I believe the root cause of this incident stems here but is much deeper and complex.
Things like QAnon are fuelled by a combination of broken things; a healthcare system that doesn’t work, a society that is so afraid of difficult discussions that rather censors inconvenient facts than allows discussion around them, and a serious case of woke mentality / tall puppy syndrome that totally suffocates any meaningful discourse around touchy issues. These kind of issues cannot be solved with technical solutions or any single magic bullet – we need to fix the deep issues within our society instead.
Published My Docker Base Images
I’ve been developing and using my own Docker base images for a while now. I decided to publish them as open source and last week I added a new image for testing in CI as well. The current images cover Django projects using Postgres and Postgis services, plus the new image that adds preinstalled Node as well (to make CI builds go faster).