The first allows the use of colored characters in a command line admin console and, according to GitHub, is used in over 27,000 other software packages. The second is capable of generating large amounts of test data, which is very useful for software development. It is referenced in over 6,000 software packages.
But the latest updates made to Marak Squires make this software inoperative. Colors.js displays the words “Liberty”, before entering an infinite loop which creates a jumble of characters on the screen.
The latest version of Faker.js (v6.6.6), for its part, generates a compilation error (“Module not found: Can’t resolve ‘faker’”). Normal, because the source code has been completely emptied on GitHub, there was only the word “endgame”, as the YouTuber could see. Fireship.
When called out by other users on GitHub, Marak Squires responds in a wry fashion. He says first that it is about a bug of the type “zalgo text” (which is characterized by an exaggerated addition of diacritics causing graphic overflows). Then he indicates that he cannot take care of it, because he must “Prepare the distribution of soup at the church for next Sunday”.
I lost all my stuff in an apartment fire and am barely staying unhomeless. Lost access to most of my accounts. All precious metal is missing. If anyone could bless firstname.lastname@example.org with a little cash it would help me from freezing on the street. lol.
— brilliance (@marak) October 25, 2020
Bleeping Computers finally found the origin of this sabotage. In November 2020, after having lost all his belongings in the fire in his apartment, if we are to believe one of his tweets posted at the end of October 2020, Marak Squires had said that he was stopping the development of Faker.js under these conditions.
“I’m no longer going to support the Fortune 500 (and other smaller companies) with my free work. There is not much else to say. Either you send me a six-figure annual contract, or you fork the project and have someone else work on it ”, can we read in a forum message.
As can be seen in a blog note, the developer first tried to find sponsors, but only collected cherry stems.
He then tried to turn Faker.js into a paid cloud service. Unfortunately, this service was replicated several months later by a third-party publisher, pulling the rug out from under its feet. Following this failure, he visibly lost his mind and resolved to sabotage his own work.
This act is not without consequences. GitHub suspended his account, denying him access to hundreds of projects he was involved in. This is hardly surprising, because with the update to Colors.js, Marak Squires deliberately released malicious code that has messed up many IT professionals.
Source : Bleeping Computers