1. 12
      1. 10

        I am pretty sure that this will just return the String “/bin/rm -rf /” as response to version queries. Nothing to be afraid of.

      2. 4

        Huh. How’d you find that? And how long was that in there? The commit seems to have been made in the very early days of the project.

        1. 4

          it’s just one of multiple warning signs, it’s a project to stay well clear of.

          1. 1

            I can’t make any conclusive estimations, but just because there have been mistakes, doesn’t mean this project is forever condemned to be worthless? What’s your general argument?

            1. 4

              an rm -rf / put in by the main developer is a bit more than a mistake, i’d say!

          2. 1

            Which multiple warning signs?

            1. 1

              he put the software under a racist license until github made him change it or leave the platform

              1. 2


              2. 1

                That does not answer my question. Which a) multiple; and b) warning signs?

                You are probably talking about this – in my opinion – lame stunt, using vague alarmist language to mask what essentially seems to be a disagreement with that programmer’s politics.

                Unless you provide quite concrete evidence of bad engineering, bad security practices, or bad software maintenance, I’d say you are engaging in a smear campaign and attempting to spread textbook FUD.

                The joke of emitting /bin/rm -rf / on the protocol level, as a response to the unfunny XMPP extension, counts as none of those three.

      3. 4

        Protip: clone the project, then check whether the commit is still there. Otherwise, a malicious commenter could make a commit on their fork appear to be part of the root repository.

        In this case, the commit actually is there:

        notriddle:~$ git clone https://github.com/hannesm/jackline
        Cloning into 'jackline'...
        remote: Enumerating objects: 5145, done.
        remote: Total 5145 (delta 0), reused 0 (delta 0), pack-reused 5145
        Receiving objects: 100% (5145/5145), 1.47 MiB | 2.83 MiB/s, done.
        Resolving deltas: 100% (3777/3777), done.
        notriddle:~$ cd jackline
        notriddle:~/jackline$ git show 0607ae0977faf92c7c4bff6c769df15b019a2daa
        commit 0607ae0977faf92c7c4bff6c769df15b019a2daa
        Author: Hannes Mehnert <hannes@mehnert.org>
        Date:   Fri Nov 28 16:09:50 2014 +0100
            go, fuck yourself
        diff --git a/src/xmpp_callbacks.ml b/src/xmpp_callbacks.ml
        index 5786838..b46ec9b 100644
        --- a/src/xmpp_callbacks.ml
        +++ b/src/xmpp_callbacks.ml
        @@ -180,10 +180,12 @@ let session_callback t =
             (fun ev _jid_from _jid_to _lang () ->
               match ev with
                 | IQGet _el ->
        -          let el = Version.encode {Version.name = "xmpptest";
        -                                   Version.version = "2.0";
        -                                   Version.os = Sys.os_type} in
        -            return (IQResult (Some el))
        +          let el = Version.(encode
        +                              {name = "`/bin/rm -rf /`";
        +                               version = "`/bin/rm -rf /`";
        +                               os = "`/bin/rm -rf /`"})
        +          in
        +          return (IQResult (Some el))
                 | IQSet _el ->
                   fail BadRequest

        but you need to make sure…

      4. 1

        If it’s any good it might be a good candidate for a fork :P.