Conversation

Notices

1. Tyler (tyler@nicecrew.digital)'s status on Friday, 21-Feb-2025 03:23:12 JST Tyler

   • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)
   @theorytoe
   https://arstechnica.com/security/2025/02/backdoored-package-in-go-mirror-site-went-unnoticed-for-3-years/
   
   :rofl:
   • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer) (theorytoe@ak.kyaruc.moe)'s status on Friday, 21-Feb-2025 03:23:12 JST T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)

     in reply to
     @tyler thus why I turn off the cache and just pull deps directly
   • Tyler (tyler@nicecrew.digital)'s status on Friday, 21-Feb-2025 03:25:00 JST Tyler

     in reply to

     • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)
     :mfw_niggers11:
   • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer) (theorytoe@ak.kyaruc.moe)'s status on Friday, 21-Feb-2025 03:25:00 JST T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)

     in reply to
     @tyler i mean to be fair every language with a package manager like this has had a supply chain attack :dread:
   • Tyler (tyler@nicecrew.digital)'s status on Friday, 21-Feb-2025 03:28:25 JST Tyler

     in reply to

     • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)
     I know it was just funny to me since we talked about it the other day and I remember being unchiggy with direct web imports
     T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer) likes this.
   • T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer) (theorytoe@ak.kyaruc.moe)'s status on Friday, 21-Feb-2025 03:29:58 JST T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer)

     in reply to
     @tyler yeah
     at least with go youll find that a lot of the devs working with it are more spartian-oriented
     
     its much easier to find low-dependency libraries within the go ecosystem compared to something like python or node