Batsamaisi ba polokelo ea sephutheloana sa Packagist ba senotse lintlha tsa tlhaselo e nkileng taolo ea liakhaonto tsa bahlokomeli ba lilaebrari tsa 14 PHP, ho kenyeletsoa liphutheloana tse tsebahalang joalo ka instantiator (lits'ebetso tse limilione tse 526 ka kakaretso, lits'ebetso tse limilione tse 8 ka khoeli, liphutheloana tse 323), sql. -formatter (lits'ebetso tsa 94M ka kakaretso, 800K ka khoeli, liphutheloana tse itšetlehileng ka 109), thuto-cache-bundle (73M ka kakaretso, 500K ka khoeli, liphutheloana tse itšetlehileng ka 348) le rcode-detector-decoder (mesebelisoa ea 20M ka kakaretso, 400 sekete ka khoeli, liphutheloana tse itšetlehileng ka 66).
Ka mor'a hore litlaleho li senyehe, mohlaseli o ile a fetola file ea composer.json, a phaella tšimong ea tlhaloso ea morero tlhahisoleseding eo a neng a batla mosebetsi o amanang le ts'ireletso ea tlhahisoleseding. Ho etsa phetoho ho faele ea composer.json, mohlaseli o ile a nkela li-URL tsa polokelo ea pele sebaka ka likhokahano tsa lifereko tse fetotsoeng (Packagist e fana ka metadata feela e nang le likhokahano tsa merero e ntlafalitsoeng ho GitHub, ha e kenya "moqapi oa ho kenya" kapa "apdeite ea moqapi. ”Taelo, liphutheloana li jarolloa ka kotloloho ho tsoa ho GitHub ). Mohlala, bakeng sa sephutheloana sa acmephp, polokelo e hokahaneng e fetotsoe ho tloha ho acmephp/acmephp ho ea ho neskafe3v1/acmephp.
Kamoo ho bonahalang kateng, tlhaselo eo ha ea ka ea etsoa ho etsa liketso tse lonya, empa e le pontšo ea ho se amohelehe ha boikutlo ba ho se tsotelle ho sebelisoa ha mangolo a mabeli libakeng tse fapaneng. Ka nako e ts'oanang, ho fapana le mokhoa o thehiloeng oa "hacking ea boitšoaro", mohlaseli ha aa ka a tsebisa baetsi ba laebrari le batsamaisi ba polokelo ka teko esale pele. Hamorao, mohlaseli eo o ile a bolela hore ka mor’a hore a fumane mosebetsi, o ne a tla hatisa tlaleho e qaqileng ea mekhoa e sebelisitsoeng tlhaselong eo.
Ho latela tlhaiso-leseling e lokollotsoeng ke batsamaisi ba Packagist, liakhaonto tsohle tse tsamaisang liphutheloana tse senyehileng li sebelisitse li-password tse bonolo ho sebelisa matla ntle le ho etsa bonnete ba lintlha tse peli. Ho lumeloa hore li-account tse utsoitsoeng li ne li sebelisa li-passwords tse neng li sa sebelisoe feela ho Packagist, empa hape le lits'ebeletso tse ling tseo li-database tsa tsona li neng li senyehile mme tsa phatlalatsoa. Ho ts'oara li-imeile tsa beng ba li-account ba neng ba tlameletsoe libakeng tse felloang ke nako ho ka boela ha sebelisoa e le khetho ea ho fumana phihlello.
Liphutheloana tse senyehileng:
- acmephp/acmephp (e kentsoe 124,860 nakong ea bophelo ba sephutheloana)
- acmephp/core(419,258)
- acmephp/ssl (531,692)
- thuto/thuto-cache-bundle (73,490,057)
- thuto/thuto-mojule (5,516,721)
- thuto/thuto-mongo-odm-module (516,441)
- thuto/thuto-orm-module (5,103,306)
- thuto/mohlohlelletsi (526,809,061)
- buka ea kholo / buka ea kholo (97,568
- jdorn/file-system-cache (32,660)
- jdorn/sql-formatter (94,593,846)
- khanamiryan/qrcode-detector-decoder (20,421,500)
- object-calisthenics/phpcs-calisthenics-rules (2,196,380)
- tga/simhash-php, tgalopin/simhashphp (30,555)
Source: opennet.ru