1. a developer of a bunch of popular #npm packages publishes new, intentionally broken versions of them as he doesn't want to support for-profit companies with his free work;
2. NPM *reverts* the packages to older versions against developer's wishes;
3. GitHub *blocks* the developer for acting "irresponsibly".
I can't believe I'm agreeing with gargle-on.
I release my shit under the GNU GPLv3-only.
NPM was absolutely right to roll back the packages. Github was absolutely right to b& the developer and lock out changes, at least temporarily.
What's the operative difference, between what dude did here, and putting in a crypto miner, or backdoor, ssh key stealer, or password stealer, or crypto wallet stealer, or generic remote access tool?
The correct move was to hold back updates, and *maybe* release them under a new license.
"pissed everyone off in literally record time" - Recommended by 10 out of 10 people who, for some sad reason, have a dedicated column up to watch #fediblock.