Closed marcosmartinez7 closed 5 years ago
Detected this issue today
The problem is related to this: https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502
I check who is including that library and i found this:
And then event-stream
I also found this library using the event stream.. so i search who imported that lib:
Found this
Then i check for that library and i found this on the package.lock and yarn.lock.
Any ideas if this is related with nodemon or gulp-nodemon?
Seems that i was using a older version of nodemon.
https://github.com/remy/nodemon/issues/1498
Detected this issue today
The problem is related to this: https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502
I check who is including that library and i found this:
And then event-stream
I also found this library using the event stream.. so i search who imported that lib:
Found this
Then i check for that library and i found this on the package.lock and yarn.lock.
Any ideas if this is related with nodemon or gulp-nodemon?