My FeedDiscussionsHeadless CMS
New
Sign in
Log inSign up
Learn more about Hashnode Headless CMSHashnode Headless CMS
Collaborate seamlessly with Hashnode Headless CMS for Enterprise.
Upgrade ✨Learn more

Is our current Open Source model broken?

Fernando Doglio's photo
Fernando Doglio
·Dec 13, 2018

I wrote a piece about the latest issue in the Node.js community, where (in case you haven't read about it yet) a hacker gain access (through social engineering) to the source code of a package and added an attack, potentially stealing crypto currency wallets. You can read about it here: blog.logrocket.com/the-latest-npm-breach-or..

Now, this happened mainly due to the original maintainer not caring about it's creation anymore, but this is not the exception, but rather very common in our industry. Would you say we need to change the way we handle Open Source projects in order to help those developers maintain interest in their projects? I'd love to know what others think about that.