> There's plenty of people here already that disagree on whether the intent was malicious.
No, I haven't seen many people try to argue that the intent wasn't malicious. Most people seem to be arguing that it's fine and npm and Github should allow it. Or the classic you shouldn't trust random software. If you ever wonder why people like the Apple app store just look at the Devs in this comment section. Makes it kinda hard to trust you.
1. The Ad Hominem (on top of the Attribution Error) is uncalled for.
2. You originally claimed, " no its a criminal act. crashing RANDOM servers that you DONT know what they do ...". That is far removed from what you're talking about here. Which is not only misplaced, but also ignorant.
3. Your original claim also implies that the intended effect of the change was to crash "RANDOM servers". I disagree with that claim, and with your subsequent claim that that proves malicious intent.
----
I understand that you're upset — I suspect because you've suffered either this or a fate similar to many unsuspecting users of the npm libraries in TFA — and would like to see whom you view as the cause behind it (i.e., the author) suffer some form of punishment. But that doesn't mean you should support just about any harm done to them by any entity in the world.
GitHub is not a software distribution platform/marketplace. It is not an "App Store". The relationship between one GitHub user and another is not very similar to the relationship between an app store user and publisher.
If you pull someone else's code through GitHub, you're clearly making a copy. From that point on, that copy is your responsibility. That is how the FOSS world has always worked, and so has GitHub's model of public repos.
Now, if you ask me about npm, that is a whole different thing.
