Closed
Description
Seems like packages were held as a security placeholder for some time and then packages names were properly claimed as "Holding package". Since then packages do not appear to be malicious (since the last update).
References:
Additional info from npmjs:
https://www.npmjs.com/package/@cobalt-team/support-email
https://www.npmjs.com/package/@cobalt-team/multi-invite
Metadata
Metadata
Assignees
Labels
No labels