crates.io phishing attempt
Thanks to my sponsors: villem, Aleksandre Khokhiashvili, zoey, Kyle Lacy, Corey Alexander, Daniel Wagner-Hall, Dirkjan Ochtman, Gorazd Brumen, ShikChen, Mathew Haji, Olly Swanson, Xavier Groleau, Marco Carmosino, Colin VanDervoort, Alan O'Donnell, Mathias Brossard, Brooke, playest, Malik Bougacha, Scott Sanderson and 240 more
Earlier this week, an npm supply chain attack.
It’s turn for crates.io, the main public repository for Rust crates (packages).
The phishing e-mail looks like this:
And it leads to a GitHub login page that looks like this:
Several maintainers received it — the issue is being discussed on GitHub.
The crates.io team has acknowledged the attack and said they’d see if they can do something about it.
No compromised packages have been identified as of yet (Sep 12, 14:10 UTC).
Important links:
Did you know I also make videos? Check them out on YouTube!
Here's another article just for you:
Recursive iterators in Rust
I’ve been looking for this blog post everywhere, but it doesn’t exist, so I guess it’s my turn to write about Some Fun with Rust.
The task at hand
Let’s say you have a recursive, acyclic data structure, like so:
struct Node {
values : Vec < i32 >,
children : Vec < Node >,
}
This allows you to represent a tree-like structure:
[1, 2, 3]
/\
/ \
/ \
/ \
/ \
[4, 5] [6, 7]