search

moose-team / friends

:tv: P2P chat powered by the web.
http://moose-team.github.io/friends/
MIT License
3.17k stars 341 forks source link

`delegate-dom` seems disappeared #164

Closed leftstick closed 8 years ago

leftstick commented 8 years ago

Error log as following:

snip20160323_4

ungoldman commented 8 years ago

This looks to be yet another package affected by the mass unpublishing by @azer today (see https://github.com/azer/left-pad/issues/4).

The package delegate-dom was unpublished by @azer and then reregistered by @n-johnson. @n-johnson has for some reason registered hundreds of packages unpublished by @azer then republished them as v2.0.0 with no data (see https://www.npmjs.com/~nj48), making all of them (at least for now) unusable and unrecoverable.

On top of that, it looks like @azer didn't just unpublish his own packages but all of the packages that he had access to. https://github.com/npm-dom/delegate-dom is a collaborative project (not owned just by @azer) but was unpublished by @azer.

To summarize, both @azer and @n-johnson have created a really bad situation for a lot of people. As a temporary solution we could point to https://github.com/npm-dom/delegate-dom in package.json.

If you happen to have a project that @azer or @n-johnson are collaborators on, I would suggest removing them. (edit: sorry, that was uncalled for. don't get angry about the internet late at night)

n-johnson commented 8 years ago

Yikes, that's a bit harsh. I grabbed the packages in order to prevent someone with malicious intentions from grabbing the package and publishing a virus in its place.

I'm more than happy to transfer ownership of any module to its correct owner, I've also been in contact with npm who will be taking back most of the packages later today and replacing with a security warning.

ungoldman commented 8 years ago

Thanks @n-johnson. Sorry for the harsh words. I was more than a bit upset late last night as this has affected a lot of projects. I now realize you were trying to do the right thing, it's just not clear when looking at your npm profile (at the time it appeared you might have malicious intentions). Thanks for swooping in to make sure things didn't get worse.

leftstick commented 8 years ago

I trying with dom-delegate as replacement, but it requires a little updates in the code as following:

delegate.on(el, 'a', 'click', function (e) {
    //.....   
})

into 

delegate(el).on('click', 'a', function (e) {
    //.....   
})

And it works.

Hope you guys find a better way to solve it^^.

ungoldman commented 8 years ago

Thanks for pointing this out and showing how you fixed it @leftstick. Your fix was used in #165.