jsdom / whatwg-url

An implementation of the WHATWG URL Standard in JavaScript
https://jsdom.github.io/whatwg-url/
MIT License

AVG detects `url-state-machine.js` as Trojan #280

Closed morion4000 closed 5 days ago

morion4000 commented 6 days ago

[Screenshot 2024-11-10 at 12 12 45]

lukBB commented 6 days ago

same here

Wellington01 commented 6 days ago

same here

My project is not working because:

Error: Cannot find module './url-state-machine'

gianlucariccobono commented 6 days ago

In case someone needs a temporary fix:

My project was using whatwg-url@5.0.0 which was required by @supabase/node-fetch. Overriding to the latest version of whatwg-url fixed the Malware-Detection for now:

package.json: `"overrides": { "whatwg-url": "^14.0.0" }`

morion4000 commented 6 days ago

> In case someone needs a temporary fix:
>
> My project was using whatwg-url@5.0.0 which was required by @supabase/node-fetch. Overriding to the latest version of whatwg-url fixed the Malware-Detection for now:
>
> package.json: `"overrides": { "whatwg-url": "^14.0.0" }`

It works. Thank you!

Niels-Baas commented 6 days ago

Got the same within Norton. Could somebody explain why this can happen? And is it safe or

Wellington01 commented 6 days ago

> Got the same within Norton. Could somebody explain why this can happen? And is it safe or

Researching to solve the problem, I realized that, depending on the package you are using in the project, it forces a version of whatwg-url that uses the punycode package in the "url-state-machine.js" file. punycode had some security issues previously reported. In the most recent versions of whatwg-url the use of punycode was removed, so setting it to use the newer versions solves the problem.

PatrickSocha commented 5 days ago

+1 to this issue on Avast Business. File is quarantined.

domenic commented 5 days ago

Please report bugs in your malware software to those vendors; there's nothing we can do in this codebase.
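
To see which dependency pins the older whatwg-url before adding the `overrides` entry quoted in the thread, the lockfile can be walked directly. This is an added example, not part of the original thread or the whatwg-url project; it assumes an npm `package-lock.json` with lockfileVersion 2 or 3, and the sample lockfile, `example-url-lib` and the `0.0.0-example` versions are constructed.

```javascript
// Resolve `name` the way Node does for a package installed at `fromPath`:
// try its own node_modules first, then each parent, ending at the root.
function resolveDep(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Map each installed copy of `name` to its version and the packages requiring it.
// `lock.packages` (lockfileVersion 2/3) is keyed by install path; "" is the project.
function whoPullsIn(lock, name) {
  const packages = lock.packages || {};
  const copies = {};
  for (const [path, meta] of Object.entries(packages)) {
    const deps = { ...meta.dependencies, ...meta.optionalDependencies, ...meta.devDependencies };
    if (!(name in deps)) continue;
    const target = resolveDep(packages, path, name);
    if (!target) continue; // declared but not installed (e.g. optional)
    copies[target] ||= { version: packages[target].version, requiredBy: [] };
    copies[target].requiredBy.push({ from: path || "(root project)", range: deps[name] });
  }
  return copies;
}

// Install paths of copies whose major version is below `minMajor`.
function olderThan(copies, minMajor) {
  return Object.keys(copies).filter((p) => parseInt(copies[p].version, 10) < minMajor).sort();
}

// Constructed sample lockfile; "example-url-lib" and the "0.0.0-example"
// versions are placeholders, not real releases.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "@supabase/node-fetch": "*", "example-url-lib": "*" } },
    "node_modules/@supabase/node-fetch": { version: "0.0.0-example", dependencies: { "whatwg-url": "^5.0.0" } },
    "node_modules/@supabase/node-fetch/node_modules/whatwg-url": { version: "5.0.0" },
    "node_modules/example-url-lib": { version: "0.0.0-example", dependencies: { "whatwg-url": "^14.0.0" } },
    "node_modules/whatwg-url": { version: "14.0.0" },
  },
};

const sampleCopies = whoPullsIn(SAMPLE_LOCK, "whatwg-url");
console.log(JSON.stringify(sampleCopies, null, 2), olderThan(sampleCopies, 14));
```

On a real project, pass the parsed contents of `package-lock.json` as `lock`; after adding the override and reinstalling, `olderThan(copies, 14)` should return an empty list.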