chore: remove disturbing image from README

[ST-DDT]

The image shown on the README is disturbing and needs to be removed ASAP.

Screenshot (Click to show)

The image is static and no longer random.
I assume this is intentional from loremflickr to prevent the usage on github.
Correction: Github Image Cache + Bad Luck
Reproducible in Firefox (normal, mobile and private mode), Chrome.

I also consider removing loremflickr from our image providers entirely, since having that image in a presentation with a customer is an absolute no go 🙅 .

[codecov]

Codecov Report

Merging #1782 (c3c5e8f) into next (2b84b33) will not change coverage.
The diff coverage is n/a.

Additional details and impacted files

@@           Coverage Diff           @@
##             next    #1782   +/-   ##
=======================================
  Coverage   99.64%   99.64%           
=======================================
  Files        2340     2340           
  Lines      242654   242654           
  Branches     1110     1110           
=======================================
  Hits       241802   241802           
  Misses        831      831           
  Partials       21       21           

[xDivisionByZerox]

IDK man. I get a cat. Cant be as static as you say.

[ST-DDT]

I had to reload the page on FF-mobile private mode to get the bad one. So I'm not exactly sure, what actually is the condition for getting the image, but I get it on different devices, OSes, browsers on the first and subsequent visits.

[ejcheng]

IDK man. I get a cat. Cant be as static as you say.

I'm getting the disturbing image

[pkuczynski]

I am getting it too :)

[pkuczynski]

PS: Github was showing me 500, which lead to 3 approvals :D

[matthewmayer]

Maybe contact the creator of LoremFlickr https://github.com/MastaBaba also?

It looks like it pulls images directly from the Flickr API rather than a fixed set of images, which seems risky, as there's nothing to prevent a badly tagged disturbing image on Flickr from creeping into the results.

https://github.com/MastaBaba/LoremFlickr-2

So I would agree to remove loremflickr as a provider, seems too much like a potential pitfall.

[Shinigami92]

There is something really weird
When I hover over the image, it does not link to https://loremflickr.com/640/480/cats but https://camo.githubusercontent.com/2b0b0e6a1e2aa9985824e1d254f7e12789f8fb76399da5c7ee561fed280e50f8/68747470733a2f2f6c6f72656d666c69636b722e636f6d2f3634302f3438302f6361747 + 3

Details

^^^^^

Did we somehow got hacked? How is this even possible?

The input for this was

faker/README.md

Line 106 in 2b84b33

| Image | `faker.image.cats()` | https://loremflickr.com/640/480/cats <img src="https://loremflickr.com/640/480/cats" height="100"> |

So just <img src="https://loremflickr.com/640/480/cats" height="100">

[Shinigami92]

🤯

https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-anonymized-urls#removing-an-image-from-camos-cache

More and more I assume we got somehow hacked!
We should try to purge the cache via the provided steps (I'm in some meetings right now...)
And if this does not help we should contact GitHub support and at least tell them so they know

In worst case the new image we are now showing will be hacked as well in the same way...

[Shinigami92]

F*ck...

I run

curl -X PURGE https://camo.githubusercontent.com/{the camo id}

and it worked!

This was a personal attack on Faker!!! LoremFlickr is NOT involved at all!!! ⚠️

[ST-DDT]

From the linked article I get the impression that Github caches external images when they md2html that page (once).
So I assume that either a very unfortunately tagged image was returned during that time or the anonymising GH proxy is on some kind of penalty/block/overuse list.

Edit: since the cache purge solved this, I assume it has been bad luck.

[xDivisionByZerox]

More and more I assume we got somehow hacked!

Why and how do you get that impression?! You even provided a documentation source that states why that (the content tag) happens.

This was a personal attack on Faker!!! LoremFlickr is NOT involved at all!!! ⚠️

Now you are overdramatizing. It's bad luck. For someone maintaining a library which is all about odds I'm a bit disappointed hearing such statements.
LoremFlickr is so far involved that they simply have "badly" tagged images every now and than. Again, I'm if you provide massive image sets, it's simply a numbers game that such things happen...

[matthewmayer]

If you do a reverse image search you can see that image is on Flickr

So my guess is

• someone tags macabre image as cats as a joke on Flickr
• loremFlickr pulls in "cat" image via Flickr api
• Flickr admins removes tag
• github camo caching causes image to get cached for longer than expected

[Shinigami92]

Very interesting
That calms me down a bit

We should still message the Flickr author later on then

[matthewmayer]

maybe could add a warning in the documentation like

"The images are fetched from an external service outside the control of Faker, and could occasionally contain URLs which point to unexpected or offensive images."

[ST-DDT]

Let's continue the discussion here: #1783