@miguelcagidefagin NPM's latest is 11.1.0, You want to you want to pin 10.1.0 from NPM or point your dependency to this repo directly.

As @frzsombor so kindly wrote:

The original (before wipe) latest versions without the "protestware" were:

• For version v9: v9.2.1
• For version v10/v11: v10.1.0

I also recommend you run 'is-my-node-supply-chain-secure' to see how many vulnerable packages you have on your computer. It will scan all your packages system-wide and report which ones are the most likely to have supply chain vulnerabilities in them. It can take a long time depending on how big your system is, you will see each package pop up in the terminal when a vulnerability is found.

Remember to pin your deps at all times. npm-pin-dependencies
might be helpful to use from time to time. Also, remember to use npm ci instead of npm i when possible. If you don't know what pinning is yet, read this article on pinning

I am working with NPM to regain account access now so I can update the package to be optional.

It might make sense to publish a new version here to solve the 'protestware' and 'peacenotwar' problems. @RIAEvangelist

https://www.npmjs.com/package/node-ipc

Hello from Turkey 🙌

I am open to suggestions as to the best way to resolve this. Perhaps a flag of some kind?

By releasing v12.0 as the NPM version, it can be declared that there are no problems with 12 and later. This seems to be the fastest and most effective solution. The library called @latest will be released as the latest version, v12.0.

@ramazansancar just pushed the changes to GH. The war is now bidirectional and they will figure things out their way. People of the world should pray for peace and no more forced or carried on bloodshed.

One day, this all will change, treat people the same
Stop with the violence, down with the hate
One day, we'll all be free and proud to be
Under the same sun, singin' songs of freedom

I understand why this is happening, I just don't agree with continued bloodshed, fighting, hate and destruction. It is sad. Hopefully ML and AI can help with this in more than one way, and bring about an era of prosperity and peace without war where people can be free to understand themselves and this place in freedom and joy.

v12.0.0 will be released as suggested. I'm going to push another as this issue and your suggestion qualify you to be a contributor now because you had a direct impact and positive suggestion without hate.

Thank you.

@RIAEvangelist Thank you for your understanding and taking action to correct this.

Hello from Turkey 🙌

I was going to say the repo should be clean now, but 19 hours ago the owner renamed this issue to a single 'LRM' character to make it non-clickable and removed several comments, including mine. Although there might be understandable reasons behind these actions, they may come across as lacking transparency to those following the discussion. Transparency is vital for maintaining trust within the community, and steps that obscure history or context can easily be misinterpreted. Some actions in life, and in community collaboration, are simply irreversible, no matter the intention to correct them later.

@frzsombor still catching bad actors and trolls who are attempting to Instill fear through lies and attempts to bully or otherwise harass on a topic they don't know anything about thereby outing themselves as bad actors. This issue was like a honey pot for them. Unfortunately that also resulted in others not knowing what was up.

Much like most everything people heard about this, the vast majority was made up by special snowflakes that thought they heard something nasty and had someone they could bully unfortunately they just outed themselves. We caught people in low level government, as well as inside of major fang corporations and even inside GitHub.

It's amazing how trolls come out when they think they can bully. Doesn't make them any less wrong. It is however something that gets cleaned up to prevent them from affecting others.

So i looked at this project again to see if its clean now and i guess it is. But regarding your last comments @RIAEvangelist I mean what do you expect after adding malware? You can't really pretend you're the victim here. Going forward you HAVE to be transparent despite people "trolling" or "bad actors" in your eyes which is a absurd and ironic statement coming from you, their trust has been shattered by your actions. So either you own up to it and endure the comments or dont be surprised if that trust is broken forever.
Yes this lib is really cool and you developed it for free, i appreciate it and many others do as well but you cant just sweep this under the rug and pretend nothing ever happened, you can try sure, but its not going to work. Just be transparent going forward, is my advice.

Much like most everything people heard about this, the vast majority was made up by special snowflakes that thought they heard something nasty and had someone they could bully unfortunately they just outed themselves

No one wants to bully you or hate on you. We genuinely want to hear your side of the story, because clearly there's more to it then what's on this short wikipedia page, this NVD entry (NVD are known for having bogus security advisories, see https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/) and everywhere else on the internet. But if you don't correct the record people will be forced to go with the current version of the story, regardless of it's accuracy