Warning! NPM package eslint-scope 3.7.2 has been compromised

Posted 5 months ago by Nash

From the incident report:

Version 3.7.2 of the popular package eslint-scope was published without authorization ( see https://github.com/eslint/eslint-scope/issues/39 ). This version contained apparently malicious code that attempted to steal npm login tokens. It has been unpublished and is no longer available.

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up


Reply to

Use Markdown with GitHub-flavored code blocks.