|
|
|
|
|
|
by winterqt
281 days ago
|
|
|
Thank you for the swift and candid response, this has to suck. :/ > The author appears to have deleted most of the compromised package before losing access to his account. At the time of writing, the package simple-swizzle is still compromised. Is this quote from TFA incorrect, since npm hasn’t yanked anything yet? |
|
|
npm does appear to have yanked a few, slowly, but I still don't have any insight as to what they're doing exactly.