Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Can you please clarify whether the fork also suffers from the same security issues (or engage the fork's owner to ensure that it doesn't https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you)


Hi, owner of the fork here.

I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious. Gutting all of the opencollective and changelog code to be 1000% sure.


Hi. Please do not replace the original author's copyright notice in the LICENSE file. That is a violation of the Apache License.

You could instead "append" your name to the copyright notice though, which is legal.

https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you/c...


The only potential risk was the use of sanity to render a changelog. I didn't want to risk it, so I gutted that and a ton of other stuff. Just published a new, stripped down version.

https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you/p...


Ok, but did you remove something that explicitly appeared malicious? This is a key detail that I am not seeing in your comments or commit messages.


That's covered by

> I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious.


Thanks for flagging it. Our security researchers will analize it and based on their findings we might remove this one as well.


s/analize/analyze/g


s/g/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: