Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. jomo :verified: (jomo@mstdn.io)'s status on Monday, 26-Nov-2018 13:34:49 EST jomo :verified: jomo :verified:

    An NPM package with 2,000,000 weekly downloads had malicious code injected into it. No one knows what the malicious code does yet.

    (via 🐦gerybernhardt)

    https://github.com/dominictarr/event-stream/issues/116

    In conversation Monday, 26-Nov-2018 13:34:49 EST from mstdn.io permalink

    Attachments

    1. I don't know what to say. · Issue #116 · dominictarr/event-stream
      from GitHub
      @dominictarr Why was @right9ctrl given access to this repo? He added flatmap-stream which is entirely (1 commit to the repo but has 3 versions, the latest one removes the injection, unmaintained, c...
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.