diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..49baaf4 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +protestware_notes.txt \ No newline at end of file diff --git a/cancelRussia.md b/cancelRussia.md index 9b4b62e..4ec4c8f 100644 --- a/cancelRussia.md +++ b/cancelRussia.md @@ -1,24 +1,23 @@ -Projects that cancel Russia ---------------------------- +# Projects that cancel Russia List of projects that demonstrate [cancel culture](https://en.wikipedia.org/wiki/Cancel_culture) towards Russia. The list contains repositories that, for political reasons, block the work of users from Russia or remove functionality necessary for Russian users, for example, Russian localization. -### Quake3e +## Quake3e About project: Improved Quake III Arena engine. [repo](https://github.com/ec-/Quake3e) 26.02.2022 Removed support of Russian MCST/Elbrus platform: [commit](https://github.com/ec-/Quake3e/commit/50167f34e361bac156315e53efccb5a5d4acac80) -### RESP.app / RedisDesktopManager +## RESP.app / RedisDesktopManager GUI for Redis. [repo](https://github.com/uglide/RedisDesktopManager/) Russian translation was removed. [commit](https://github.com/uglide/RedisDesktopManager/commit/8b2b357d9d233100f84a69f81ed22b8caa04fa22) -### pnpm +## pnpm About project: Package manager. [repo](https://github.com/pnpm/pnpm/) @@ -27,7 +26,7 @@ Added anti-Russian statement. [commit](https://github.com/pnpm/pnpm/commit/3c328 Also access to pnpm.io is blocked from Russia an Belarus -### Qalculate! +## Qalculate! About project: cross-platform desktop calculator. [repo](https://github.com/Qalculate/qalculate-gtk) @@ -35,7 +34,8 @@ About project: cross-platform desktop calculator. [repo](https://github.com/Qalc [Issue](https://github.com/Qalculate/qalculate-gtk/issues/389) | [commit](https://github.com/Qalculate/qalculate-gtk/commit/74c7413429b386f08028565f16f537204217b456) -### Yet Another Dialog + +## Yet Another Dialog About project: program allows you to display GTK+ dialog boxes from command line. [repo](https://github.com/v1cont/yad) diff --git a/fixed.md b/fixed.md index 069e354..a588a31 100644 --- a/fixed.md +++ b/fixed.md @@ -1,21 +1,19 @@ -Projects, where protestware were removed ----------------------------------------- +# Projects, where protestware were removed -### Awesome Prometheus Alerts +## Awesome Prometheus Alerts [repo](https://github.com/samber/awesome-prometheus-alerts) Determines the user's active language and redirects to the page with slogans. In the following commits, the code was removed. [commit](https://github.com/samber/awesome-prometheus-alerts/commit/6bfcdcca165e57c6fa09a561515c33284caa20c2) -### tasmota +## tasmota About project: ESP8266 / ESP32 firmware. [repo](https://github.com/arendst/Tasmota/) Messages in the log, inoperability of the device: [commit](https://github.com/arendst/Tasmota/commit/98cbf2587a1a914bbd16996ebb48dd451d3da448) - The author rolled back the vulnerability under public pressure: [commit 1](https://github.com/arendst/Tasmota/commit/ba32044bb25b820a104428585bf4c91c4e927f88) | [commit 2](https://github.com/arendst/Tasmota/commit/b4f99bb74704e4a5f85b7ba9e03b126bf1c43320) diff --git a/protestware.md b/protestware.md index 5041c60..f0ec0eb 100644 --- a/protestware.md +++ b/protestware.md @@ -1,14 +1,13 @@ -Open source projects with protestware -------------------------------------- +# Open source projects with protestware -### peacenotwar +## peacenotwar About project: ProtestWare NPM-package. [repo](https://github.com/RIAEvangelist/peacenotwar) If any users are using IP in Russia or Belarus, all their file will be [wiped entirely by hearts](https://security.snyk.io/vuln/SNYK-JS-PEACENOTWAR-2426724). -### node-ipc +## node-ipc About project: NPM-module for Inter Process Communication. [repo](https://github.com/RIAEvangelist/node-ipc) @@ -26,7 +25,7 @@ This affects the package node-ipc from 10.1.1 and before 10.1.3. From versions 1 [List of dependent modules](https://github.com/zlw9991/node-ipc-dependencies-list/) -### es5-ext +## es5-ext About project: ECMAScript extensions. [repo](https://github.com/medikoo/es5-ext) The popular [npm-package](https://www.npmjs.com/package/es5-ext) which has not been updated for 2 years has started receiving regular updates that contain both propaganda and timezone code that increases resource utilization. Check the file `_postinstall.js` @@ -35,7 +34,7 @@ The popular [npm-package](https://www.npmjs.com/package/es5-ext) which has not b [commit](https://github.com/medikoo/es5-ext/commit/28de285ed433b45113f01e4ce7c74e9a356b2af2) -### EventSource +## EventSource About project: EventSource polyfill. [repo](https://github.com/Yaffle/EventSource) @@ -44,38 +43,48 @@ About project: EventSource polyfill. [repo](https://github.com/Yaffle/EventSourc The library displays political slogans on your site. To do this, it uses the alert() function with a 15 sec timeout if the user's time zone is Russian. After that, the library opens a political/malicious website in a pop-up window. -### Evolution CMS +## Evolution CMS 01.03.2022 since versions 3.1.10 and 1.4.17 political image added to the admin panel. [сommit](https://github.com/evolution-cms/evolution/commit/1c586bc76f739264dcf0482530945875fa444b77) The project was forked as [Evolution CMS Community Edition](https://github.com/evocms-community/evolution) to continue development without any political slogans. -### voicybot +## voicybot About project: bot for Telegram. [repo](https://github.com/backmeupplz/voicy) -02.03.2022 Promo bot message modified to political slogan. +02.03.2022 Promo bot message modified to political slogan. [Issue](https://github.com/backmeupplz/voicy/issues/57) | [commit](https://github.com/backmeupplz/voicy/commit/1da565a80ab8f2681fddbcf443df60e6a7a15fa5) -### yandex-xml-library (PHP) +## yandex-xml-library (PHP) About project: un-official Yandex-XML PHP library. [repo(removed)](https://github.com/AntonShevchuk/yandex) A version of the [package](https://packagist.org/packages/anton-shevchuk/yandex-xml-library) with a political slogan has been added to packagist, and the sources have been removed from the GitHub. The result is a broken project build. But there are 9 forks on GitHub. -### AWS Terraform modules +## AWS Terraform modules [repo](https://github.com/terraform-aws-modules) Added anti-Russian slogans and meaningless variables to the code. [One of commits](https://github.com/terraform-aws-modules/terraform-aws-eks/commit/fad350d5bf36a7e39aa3840926b4c9968e9f594c) -### Mistape WordPress plugin +## Mistape WordPress plugin Through a vulnerability in the popular Mistape plugin, an attacker gains access to the administrator sections, uploads the UnderConstruction plugin, with which it displays arbitrary information on the main page of the site. Usually this is a widget on the topic of current events in Ukraine. The author of the plugin on February 24 made changes to it. I waited until the update was distributed among users and began to exploit the vulnerability that was included there in a few days. [changeset](https://plugins.trac.wordpress.org/changeset/2684407/) + + +# SweetAlert2 + +About project: JavaScript popup library. [repo](https://github.com/sweetalert2/sweetalert2) + +Added the code to display propaganda and videos. Works only if the user has the Russian language selected in the browser, and the site where the code is executed is located in the .ru/.su/.рф zone. There is [a fork without policy](https://github.com/lofcz/sweetalert2-neutral). + +[PR 18.04.2022](https://github.com/sweetalert2/sweetalert2/pull/2428) +[PR 05.07.2022](https://github.com/sweetalert2/sweetalert2/pull/2462)