|
|
|
|
|
|
by bapak
335 days ago
|
|
|
The title is wrong. There's no proof of compromise. There are no releases of the package since October. Apparently one of the long-time maintainers has pushed other compromised packages, so npm just nuked all the packages he had access to, whether they were compromised or not. |
|
|