[–] rvz 2mo ago ↗ Not again and it is NPM once more.> Any project that installs one of these versions, directly or transitively, will pull the compromised release.Hope you have pinned your dependencies in your package.json.What a disaster.
3 comments
[ 1.1 ms ] story [ 13.0 ms ] thread> Any project that installs one of these versions, directly or transitively, will pull the compromised release.
Hope you have pinned your dependencies in your package.json.
What a disaster.