Hacker News

Marak didn't just mess with NPM. He also did a force push to his GitHub repo, replacing all the code there.



So? It is a project under his username and he could've done anything he pleased with it. Not defending him, but banning him on GitHub instead of NPM is just bizarre.


He got banned on GitHub for what he did to his GitHub repos. I don't see how that's bizarre.


But why though? If I do the same to a repo I own, will I be banned? What if I introduced an infinite loop in a library I maintain? Just because the library was popular and had millions of downloads, doesn't mean it must be treated differently.

People cannot argue that it is open source with a license which expressly doesn't have any warranties, and then cry foul if the author deletes it for whatever reason. If it was that important, you should've had better processes in place.


Of course you’ll get banned for intentionally sneaking that code into your library. At least that’s what I’d do if I was in charge and I assume most people would do the same.

> license which expressly doesn't have any warranties,

The license is about legal liability and has nothing to do with social norms. Though now that you mention it, I’m not sure if the “no warranty” clause will hold up in court when the bug is malicious and the author admits it was intentional.


> He got banned on GitHub for what he did to his GitHub repos. I don't see how that's bizarre.

You don't?!? That's bizarre... Here, re-read your first sentence: "He got banned on GitHub for what he did to HIS GitHub repos." I added some helpful emphasis; did you catch it?

If not, riddle me this: How many people did he force to download stuff from his GitHub repositories?



