Hey there,
this project is not installable because of the event-stream dependency.
[ several related greenkeeper issues exist ]
Also there should be a note for people used it in the past that they must update their package.json :
The malicious subdependency came with "npm-run-all": "^4.1.3" which should be upgraded to "npm-run-all": "^4.1.5" to make it work again – see these issues in npm-run-all
The npm post - “After triaging the malware, npm Security responded by removing flatmap-stream and event-stream@3.3.6 from the Registry and taking ownership of the event-stream package to prevent further abuse.”
Hey there, this project is not installable because of the
event-stream
dependency. [ several related greenkeeper issues exist ]Also there should be a note for people used it in the past that they must update their
package.json
:The malicious subdependency came with
"npm-run-all": "^4.1.3"
which should be upgraded to"npm-run-all": "^4.1.5"
to make it work again – see these issues in npm-run-allThe npm post - “After triaging the malware, npm Security responded by removing
flatmap-stream
andevent-stream@3.3.6
from the Registry and taking ownership of the event-stream package to prevent further abuse.”See also https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/ https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502