According to the parent link they've been waiting for npm support to respond for a over a month.
Ironically the same person who first reported this npm vulnerability used the wrong package name uglifyjs instead of uglify-js in an unrelated github project.…
--ignore-scripts won't help much. The act of using any npm module means you implicitly trust all the javascript code in the module and any of its dependencies. Has anyone taken the time to inspect every line of the…
Unfortunately native modules like canvas cannot be installed with npm install --ignore-scripts
According to the parent link they've been waiting for npm support to respond for a over a month.
Ironically the same person who first reported this npm vulnerability used the wrong package name uglifyjs instead of uglify-js in an unrelated github project.…
--ignore-scripts won't help much. The act of using any npm module means you implicitly trust all the javascript code in the module and any of its dependencies. Has anyone taken the time to inspect every line of the…
Unfortunately native modules like canvas cannot be installed with npm install --ignore-scripts