You may have already seen this, @Gargron (github.com/dominictarr/event-s) but it appears that Mastodon includes some NPM libraries discovered today to be backdoored (for some time apparently)

Follow

@jerry Mastodon includes 0.1.0 of the flatmap package. The affected version is 0.1.1 as I understand

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!