Company:
Date Published:
Author: Benji Catabi-Kalman
Word count: 1185
Language: English
Hacker News points: None

Summary

Snyk has reported on protestware, an open source supply-chain threat in which packages are modified to express support for Ukraine amid the ongoing conflict. The post sorts protestware into four forms according to what the package does on a user's machine: repo banners, which add a political message to the README or package description; CLI protest logs, which print a message to the terminal during installation; out-of-env protest logs, which run code that reaches outside the installation environment; and destructive protests, which overwrite files with protest content. Snyk offers guidance on telling these forms apart and will publish advisories for packages that exhibit undesired behavior or malicious activity. The company's aim is to help the community reach a consensus on how to handle protestware and to promote safe open source practices.
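The four forms differ mainly in whether the package runs code at install time and what that code touches, which is something a scanner can triage before a human reads the message. The following is an added example, not Snyk's tooling and not code from the post: it inspects an npm package's lifecycle scripts (the `preinstall`, `install`, `postinstall` and `prepare` hooks that npm runs automatically) and assigns a category with simple regex heuristics. The regexes, the category names and the sample packages are this example's own assumptions and constructions.

```python
"""Heuristic triage of an npm package's install-time behaviour against the
four protestware forms. Added example; the regexes and category names are
this example's own assumptions, not a Snyk tool."""
import re

# Lifecycle scripts npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Assumption: these patterns indicate code that reaches outside the package
# directory (the user's home, the project cwd, or system paths).
OUT_OF_ENV = re.compile(
    r"os\.homedir\(\)|process\.env\.HOME|process\.cwd\(\)|['\"](?:/etc|/usr|/var|/root|~)"
)
# Assumption: filesystem primitives that create, overwrite or delete files.
WRITES = re.compile(
    r"fs\.(?:writeFile|writeFileSync|appendFile|appendFileSync|unlink|unlinkSync"
    r"|rm|rmSync|rmdir|rmdirSync|truncate|truncateSync)\s*\("
)
# Output that only reaches the terminal.
CONSOLE = re.compile(r"console\.(?:log|warn|error)\s*\(|\becho\b")


def install_time_source(package_json, files):
    """Return (has_hook, source): whether any install hook exists and the
    concatenated code npm would run. `files` maps file name -> contents."""
    chunks, has_hook = [], False
    for hook in INSTALL_HOOKS:
        cmd = package_json.get("scripts", {}).get(hook)
        if not cmd:
            continue
        has_hook = True
        referenced = [t for t in cmd.split() if t.endswith((".js", ".cjs", ".mjs"))]
        if referenced:
            chunks.extend(files.get(t, "") for t in referenced)
        else:
            chunks.append(cmd)  # inline shell command such as `echo ...`
    return has_hook, "\n".join(chunks)


def classify(package_json, files):
    """Map a package to one of the protestware forms, or flag it for review."""
    has_hook, src = install_time_source(package_json, files)
    if not has_hook:
        # Nothing runs at install; only README/description text can carry a
        # message (the repo-banner form), which a human has to read.
        return "static-text-only"
    if not src.strip():
        return "install-hook-needs-review"  # hook points at a file we cannot see
    outside = bool(OUT_OF_ENV.search(src))
    writes = bool(WRITES.search(src))
    if outside and writes:
        return "destructive-protest"
    if outside:
        return "out-of-env-protest-log"
    if CONSOLE.search(src) and not writes:
        return "cli-protest-log"
    # Writes confined to the package's own directory are usually a build step,
    # not protestware, but still deserve a look.
    return "install-hook-needs-review"


# Constructed sample packages, one per form (not real published packages).
MSG = '"<protest message>"'
SAMPLES = {
    "banner": (
        {"name": "pkg-a", "description": "helper lib. " + MSG.strip('"')},
        {},
    ),
    "cli": (
        {"name": "pkg-b", "scripts": {"postinstall": "node notice.js"}},
        {"notice.js": f"console.log({MSG});"},
    ),
    "out_of_env": (
        {"name": "pkg-c", "scripts": {"postinstall": "node geo.js"}},
        {"geo.js": 'const os = require("os"), fs = require("fs");\n'
                   "const n = fs.readdirSync(os.homedir()).length;\n"
                   f"console.log(n, {MSG});"},
    ),
    "destructive": (
        {"name": "pkg-d", "scripts": {"preinstall": "node act.js"}},
        {"act.js": 'const fs = require("fs"), os = require("os"), path = require("path");\n'
                   "for (const f of fs.readdirSync(os.homedir())) {\n"
                   f"  fs.writeFileSync(path.join(os.homedir(), f), {MSG});\n}}"},
    ),
    "build_step": (
        {"name": "pkg-e", "scripts": {"postinstall": "node build.js"}},
        {"build.js": 'const fs = require("fs");\n'
                     'fs.writeFileSync(__dirname + "/dist.js", "module.exports = 1;");'},
    ),
}


def triage_all():
    """Classify every sample; returns {sample name: category}."""
    return {name: classify(pkg, files) for name, (pkg, files) in SAMPLES.items()}


if __name__ == "__main__":
    for name, category in triage_all().items():
        print(f"{name:12s} -> {category}")
```

The heuristics are deliberately coarse: they only see the files you hand them, do not follow `require` chains, and will miss obfuscated or dynamically built paths, so a flagged result is a prompt to read the hook by hand rather than a verdict. The `build_step` sample shows why writes inside the package's own directory are routed to review instead of being reported as destructive.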