“The mysterious supply chain concern of string-width-cjs npm package | Snyk”

snyk.io/blog/supply-chain-stri…

> It is my assumption that all of these dependent packages and download boosts are leading to the sole purpose of creating false legitimacy for the 3 *-cjs package

Fun fun fun.
