turbohz@programming.dev to Rust@programming.devEnglish · 1 day agocrates.io: Malicious crates faster_log and async_println | Rust Blogblog.rust-lang.orgexternal-linkmessage-square9linkfedilinkarrow-up137arrow-down10
arrow-up137arrow-down1external-linkcrates.io: Malicious crates faster_log and async_println | Rust Blogblog.rust-lang.orgturbohz@programming.dev to Rust@programming.devEnglish · 1 day agomessage-square9linkfedilink
minus-squareINeedMana@piefed.ziplinkfedilinkEnglisharrow-up2·1 day agoWhat are the proper crates that the malicious ones were pretending to be? (I’m new to Rust)
minus-squareINeedMana@piefed.ziplinkfedilinkEnglisharrow-up1·edit-224 hours agoThanks :) async_println is a part of fast_log?
minus-squarefartsparkles@lemmy.worldlinkfedilinkarrow-up5·edit-224 hours agoBoth faster_log and async_println were purely malicious packages (not taken over and turned malicious). I know faster_log is typosquatting / luring fast_log users but I’m not sure about about async_println (which was a clone of the malicious faster_log). async_std::print is a thing so I guess trying to lure users who search crates before docs :shrug:
minus-squarenebeker@programming.devlinkfedilinkEnglisharrow-up2·22 hours agoI mean, if you want your prints to be asynchronous you’re looking for trouble to begin with. The previous statement is a joke.
What are the proper crates that the malicious ones were pretending to be? (I’m new to Rust)
Both were impersonating fast_log.
Thanks :)
async_println is a part of fast_log?
Both faster_log and async_println were purely malicious packages (not taken over and turned malicious).
I know faster_log is typosquatting / luring fast_log users but I’m not sure about about async_println (which was a clone of the malicious faster_log).
async_std::print is a thing so I guess trying to lure users who search crates before docs :shrug:
I mean, if you want your prints to be asynchronous you’re looking for trouble to begin with.
The previous statement is a joke.