Closed AndreyBelym closed 1 year ago
Please switch to @achrinza/node-ipc
At present, we stick to the safe node-ipc@9.2.1
version. We'll check the described package once we need to update node-ipc.
I'm recommending this one because that's what vue switched to.
We'll research the possibility to update the node-ipc to that fork if any vulnerability is found in v9.2.1.
Therefore, I'll close the issue for now.
node-ipc
's maintainer purposefully added a malware package as a dependency.