But isn't it just the axios library that's compromised? Or does this mean all of npm is poisoned?
Login to reply
Replies (3)
Axios is compromised weekly. Github won't stop warning me about it.
Time for everybody to fork I guess. 🤷🏻♂️
Axios may be included in other dependencies, or their dependencies, and so on. It’s hard to say where it might be included in a long chain. You don’t have to be directly dependent on it, because some packages in the chain might