Readit News logoReadit News
dale_lakes commented on NPM stylus package contained malicious code and was removed from the registry   npmjs.com/package/stylus/... · Posted by u/vandot
kontercola · a month ago
My workaround:

Add this on your package.json on the end of file bevor last }:

  },
  "overrides": {
    "stylus": "0.0.1-security"
  }

dale_lakes · a month ago
Random internet person: Do not do this ^ . Wait for the package to be restored by npmjs, or use the workaround in the pinned issue on the stylus repo.
dale_lakes commented on NPM stylus package contained malicious code and was removed from the registry   npmjs.com/package/stylus/... · Posted by u/vandot
borplk · a month ago
Does anyone know what the malicious code was and what it did?
dale_lakes · a month ago
The malicious code had nothing to do with the stylus package. One of the maintainers of stylus published malicious code in another package, and GitHub / npmjs response was to nuke ALL packages that he was a maintainer of, including stylus.
d

u/dale_lakes

KarmaCake day4August 1, 2023View Original