Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Backdoored sub-dependency? flatmap-stream-0.1.1 and flatmap-stream-0.1.2 #1451
nodemon requires pstree.remy (^1.1.0 - installed 1.1.0) -> ps-tree (^1.1.0 - installed 1.1.0) -> event-stream (~3.3.0 - installed 3.3.6) -> flatmap-stream (^0.1.0 - npm installs 0.1.2).
This last one is very suspicious.
Please either force version 0.1.0 of flatmap-stream or update event-stream to latest version (which no longer requires the affected module).