Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Didn't expect to see this here, it was over a month ago this incident happened! Happy to answer any questions about it (author of DataTables here). It was a super stressful event to say the least, and I've been reading along with the recent npm incidents wondering what I can do to make sure my OpSec is as good as it reasonably can be.


Totally OT, but thanks so much for DataTables! I used it for a tiny personal project a few years back and it's been quietly chugging away with barely any maintenance required. It was so easy to get up and running with the documentation, implement and customise to my heart's content -- truly an excellent piece of open source!


That's awesome to hear - thank you :-).


Oh, hey! I discovered your library around a month ago, and had a question at the time [0]: why is it mostly sponsored [1] by personal injury lawyers? Are they particularly heavy DataTables users? Or is this an SEO thing for them, since the top sponsorship package comes with a site link?

[0] https://bsky.app/profile/spinda.net/post/3lx3xkzbc622t

[1] https://datatables.net/supporters/


An SEO thing for them. Useful income for me. It isn't much ($49/year), but every little helps...


Hi Allan, I am a big fan of yours, found datatables while working on personal project of mine last year. Its perfect.

Using it in another personal project this year.


Maybe because your Blog RSS [1] shows releases only, it doesn't seem to show these interesting tidbits?

[1] <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://datatables.net/feeds/releases.xml">


The blog feed is here: https://datatables.net/feeds/blog.xml . It is advertised on the landing page, but it looks like I've missed having it on the blog page! As you say, that has the releases feed - thanks for pointing that out.


It would be helpful if you would share the name of the registrar so that other people could be aware that this policy exists if you work with that registrar.


Joker.com. Credit to them they fixed it reasonably quickly, but its a horrible policy to default to enact the change if no response if given. Their reasoning was what else would they do if someone got locked out of their email - they need a way to recover their domain somehow, and they ask for ID to be submitted, but as seen, that is trivial to fake.


The only real solution is to tie the accounts to the digital identity of a person/company and enforce strong authentication for these cases. Not sure if there's already some EU level solution to this. This is of course pretty complicated to implement, but it would be a valuable extra service for customers.


Hell Allan, apologies for going fanboy on you but just wanted to tell you that DataTables is amazing and we use it a lot in my circle of friends. You made an awesome product!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: