Closed Prophecy35363 closed 2 years ago
A malicious package with the same name (written in lowercase) exists, that causes this issue.
see https://github.com/github/advisory-database/issues/419#issuecomment-1160928395
Thank you both for the report, I pinned the issue.
For anyone landing here, this library is named jQuery-QueryBuilder
(with uppercases). jquery-querybuilder
contained malicious code and was removed by npm team.
Received a github advisory stating that this library is malware but I can't find any evidence as to why. Do people think there is any truth to this?