ezShroom
commented
2 days ago
Not much time to investigate this. Will leave it with y'all
Closed ezShroom closed 1 day ago
ezShroom
commented
2 days ago
Not much time to investigate this. Will leave it with y'all
yusukebe
commented
1 day ago I've tried scanned the file in this package with VirusTotal. But there is no security matter.
package/bin:
https://registry.npmjs.org/create-hono/-/create-hono-0.9.2.tgz:
https://www.virustotal.com/gui/url/18e106983f75cc244d83dfef7eaefd70f2d5cd9f25f3520ef347507b64ede862
If you download it from registry.npmjs.org, it will be safe. But we can't handle the other repo's security issues since it's not Hono's scope. We can close this issue.
ezShroom
commented
1 day ago It was downloaded from npmjs, since it was done with Bun in an empty project.