• CodeMonkey@programming.dev
    link
    fedilink
    arrow-up
    13
    arrow-down
    2
    ·
    5 months ago

    This is not a supply chain attack, it is sudden extreme enshitification. according to the article, the attacker also bought the GitHub repo, so all releases should be considered tainted. The community will have to find a fork from before the acquisition and hope that there are no pre-purchase favors smuggled in.

    • Kissaki@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      5 months ago

      This is not a supply chain attack, it is sudden extreme enshitification. according to the article, the attacker also bought the GitHub repo

      I don’t see how buying the GitHub repo as well makes it not a supply chain attack but enshitification.

      They bought into the supply chain. It’s a supply chain attack.

    • sabreW4K3@lazysoci.alOP
      link
      fedilink
      arrow-up
      3
      ·
      5 months ago

      I thought Polyfill was a Google thing. I remember when they implemented it on YouTube and the Firefox performance was dire.