Severity
High
Description
This package re-exports a well-known shell command via an npm bin script. This is possibly a supply chain attack.
Suggestion
Packages should not export bin scripts which conflict with well-known shell commands.
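One way to apply this check to a package.json before installing it. This is an added example, not the scanner's own code; the command list, the function names and the sample manifests are constructed assumptions.

```javascript
// Added example: flag npm "bin" entries that collide with well-known commands.
// WELL_KNOWN_COMMANDS is a constructed, non-exhaustive sample list (assumption).
const WELL_KNOWN_COMMANDS = new Set([
  'node', 'npm', 'npx', 'sh', 'bash', 'ls', 'cat', 'cp', 'mv', 'rm',
  'sudo', 'ssh', 'curl', 'wget', 'git', 'python', 'echo', 'env', 'which',
]);

// Return the command names a manifest would install on PATH.
function binNames(manifest) {
  const bin = manifest.bin;
  if (typeof bin === 'string') {
    // String form: the command takes the package name, without any @scope/.
    const name = String(manifest.name || '');
    return name ? [name.split('/').pop()] : [];
  }
  if (bin && typeof bin === 'object' && !Array.isArray(bin)) {
    // Object form: each key is a command name; keep only its last path segment.
    return Object.keys(bin)
      .map((key) => key.replace(/\\/g, '/').split('/').pop())
      .filter(Boolean);
  }
  return [];
}

// Return the sorted list of exported commands that shadow a well-known one.
// Comparison is case-insensitive because some platforms resolve commands that way.
function findShadowedCommands(manifest, known = WELL_KNOWN_COMMANDS) {
  const hits = binNames(manifest).filter((n) => known.has(n.toLowerCase()));
  return [...new Set(hits)].sort();
}

// Constructed sample manifests (not real packages).
const samples = [
  { name: 'example-logger', bin: { 'example-logger': 'cli.js', node: 'shim.js' } },
  { name: '@example/curl', bin: './bin/run.js' },
  { name: 'example-safe', bin: { 'example-safe': 'cli.js' } },
  { name: 'example-lib' },
];

for (const m of samples) {
  const hits = findShadowedCommands(m);
  console.log(`${m.name}: ${hits.length ? 'CONFLICT ' + hits.join(', ') : 'ok'}`);
}
```

A manifest that also exports its own name, as in the first sample, is still flagged: one conflicting key is enough.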
Packages with this issue
Advanced ANSI formatting tool for Node.js
node
Unit test React components using Cypress
Watch a directory and run a command when it changes. Uses polling instead of events to avoid the delays and glitches that other watch tools have.
node
Ultra simple async retrieval of resources or remote files over http or https, a CLI tool, and convenience wrapper of node-fetch, and a seamless retry ability
Colorized logs