Assaf 🥥🌴 on Nostr: npm package registry flooded with spam packages: estimated to be over 500,000 in Q2 ...
npm package registry flooded with spam packages: estimated to be over 500,000 in Q2 2024.
The spam packages are associated with the Tea protocol, which incentivizes developers to artificially inflate their contribution through mass publication of worthless packages.
https://blog.phylum.io/the-great-npm-garbage-patch/Published at
2024-08-07 17:30:13Event JSON
{
"id": "d309f24c262518004f0be8fd1c4a6c0be0e52a958f9870b8dc3577af19fbc042",
"pubkey": "36a30783457602c172cb404d77ab5e299f0b2f486ca63ca30b3a4bf06e5c0447",
"created_at": 1723051813,
"kind": 1,
"tags": [
[
"proxy",
"https://mas.to/@assaf/112921923645529436",
"web"
],
[
"proxy",
"https://mas.to/users/assaf/statuses/112921923645529436",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mas.to/users/assaf/statuses/112921923645529436",
"pink.momostr"
],
[
"-"
]
],
"content": "npm package registry flooded with spam packages: estimated to be over 500,000 in Q2 2024.\n\nThe spam packages are associated with the Tea protocol, which incentivizes developers to artificially inflate their contribution through mass publication of worthless packages.\n\nhttps://blog.phylum.io/the-great-npm-garbage-patch/",
"sig": "88cf92eec4f7dc155c4e68caca9f644e49b229b3af65639c6521cbc767c548a980e0ea35684771912977b8cf931c21de9c0ef523adb5c2d4a2d160f4c119aca3"
}