Tag
faker-js
Safeguard articles tagged "faker-js" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Software Supply Chain Security
colors.js and faker.js protestware sabotage
In 2022, maintainer Marak Squires turned colors.js and faker.js into protestware, breaking 19,000+ npm projects and coining a new supply chain threat term.
Jul 5, 20266 min read
Open Source Security
colors.js and faker.js: When Maintainer Burnout Becomes a Supply Chain Crisis
Marak Squires deliberately broke two of npm's most popular packages to protest the exploitation of open source maintainers. The fallout exposed how fragile our dependency chains really are.
Jan 10, 20225 min read