Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

You should probably claim/publish pintora as a npm package to prevent npm install malicious attack vector #240

Open
titanism opened this issue Jan 5, 2024 · 1 comment
Open

You should probably claim/publish pintora as a npm package to prevent npm install malicious attack vector #240

titanism opened this issue Jan 5, 2024 · 1 comment

Comments

@titanism
Copy link

titanism commented Jan 5, 2024

Even if the package is empty, it could contain README with notes as to how to use pintora via @pintora scoped packages.
@titanism titanism mentioned this issue Jan 5, 2024
Open
@hikerpig
Copy link
Owner

hikerpig commented Jan 5, 2024

Ah I haven't considered that totally, thank you for the hint.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hikerpig @titanism