I’ve discovered a fake bimorphNodes package appearing on the package manager which includes dll’s spliced from earlier versions. I have no idea what this person is up to nor if it contains some malicious code but I strongly suggest you do not download it nor mistake it for the genuine package.
The genuine BimorphNode package can be easily identified by the following:
- It has over 130,000 downloads at the time of writing.
- It is named bimorphNodes with a lowercase ‘b’ to match the Bimorph brand logo.
- Its published by thomas@bimorphBIM. Packages from bimorph are only ever published using this user name.
I’ve reported this infraction to @solamour who as we know is really awesome and is quickly removing the imposter package. I hope they improve the package manager to stop this type of problem from getting out of hand as Dynamo increases it userbase, as it seems incredibly easy to exploit.