• tourist@lemmy.world
    link
    fedilink
    arrow-up
    110
    ·
    5 days ago

    arbitrary npm package:

    • last updated 4 years ago
    • sole developer legit dead and buried
    • 47 dependencies
    • 608 critical vulnerabilities
    • condemned by the United Nations

    Still has 7 million weekly downloads

    • MadMadBunny@lemmy.ca
      link
      fedilink
      arrow-up
      33
      ·
      5 days ago

      Please mark this as NSFL.

      Seriously, who the fuck starts a conversation like this, I just sat down!!