|
|
|
|
|
|
by lioeters
720 days ago
|
|
|
> Users that only compile trusted code are not impacted. Doesn't Babel typically only compile your source code, and not what's in node_modules? I guess it depends if you're compiling single files, leaving import statements as they are; or creating a single bundle for the browser that includes external dependencies. For the latter, I imagine there's a chance some malicious package could exploit this. |
|
|