What happened to Faker.js and how to secure your projects

The golden rule when installing external javascript modules is that we should prefer popular packages that are frequently updated. The Faker.js library has met all this, and tens of thousands of developers have used it to generate random data such as people's names or company names as a useful tool, during development or tests.

Detect unwanted dependencies in your software like versions of faker.js or colors.js - Codenotary

Detect unwanted dependencies in your software like versions of faker.js or colors.js - Codenotary

Malicious modifications to open source projects affecting thousands - Sysdig Secure – Sysdig

Open Source — A Horror Story. What happened to Faker.js and its…, by Alex Streza

New Protestware Found Lurking in Highly Popular NPM Package

The story behind colors.js and faker.js

Automate data creation with Faker FAUN — Developer Community 🐾

Kickstart your Kafka with Faker Data

JavaScript developer destroys own projects in supply chain “lesson” – Sophos News