Four packages identified in the NPM repository that transmit user data

Malicious activity has been identified in four packages in the NPM repository. Each included a preinstall script that, before installing the package, posted a comment to GitHub containing the user's IP address, location, login, CPU model, and home directory. The malicious code was found in the packages electorn (255 downloads), lodashs (78 downloads), loadyaml (48 downloads) and loadyml (37 downloads).

The problem packages were published to NPM between August 17 and August 24 for use in typosquatting, i.e. they were given names resembling those of other popular libraries, in the expectation that a user would make a typo when entering the name or would not notice the difference when choosing a module from a list. Judging by the download counts, about 400 users fell for this trick, most of whom confused electorn with electron. The electorn and loadyaml packages have already been removed by the NPM administrators, and the lodashs and loadyml packages were withdrawn by their author.
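The two signals described above (a dependency name one edit away from a popular package, and an install-time lifecycle script) can be checked before anything is installed. The following is an added example, not code from the original article or from npm; the reference list `POPULAR`, the function names and the sample manifests (including the `collect.js` command) are assumptions constructed for illustration.

```javascript
const POPULAR = ['electron', 'lodash', 'express', 'react']; // assumed reference list
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Optimal string alignment distance: insert, delete, substitute and adjacent
// transposition each cost 1, so "electorn" vs "electron" is distance 1.
function osaDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i, ...Array(b.length).fill(0)]);
  for (let j = 0; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

// Returns the popular name a dependency is suspiciously close to, or null.
function lookalikeOf(name, popular = POPULAR, maxDistance = 1) {
  if (popular.includes(name)) return null; // exact match is the real package
  return popular.find((p) => osaDistance(name, p) <= maxDistance) || null;
}

// Audits declared dependencies against the manifests of the resolved packages.
function audit(projectManifest, installedManifests) {
  const findings = [];
  const deps = { ...projectManifest.dependencies, ...projectManifest.devDependencies };
  for (const name of Object.keys(deps)) {
    const target = lookalikeOf(name);
    if (target) findings.push({ name, issue: 'lookalike', target });
    const scripts = (installedManifests[name] || {}).scripts || {};
    for (const hook of INSTALL_HOOKS) {
      if (scripts[hook]) findings.push({ name, issue: 'install-script', hook, command: scripts[hook] });
    }
  }
  return findings;
}

// Constructed sample input: a project manifest and the dependency manifests.
const project = { dependencies: { electorn: '^1.0.0', lodash: '^4.17.0', lodashs: '^1.0.0' } };
const installed = {
  electorn: { name: 'electorn', scripts: { preinstall: 'node collect.js' } },
  lodash: { name: 'lodash' },
  lodashs: { name: 'lodashs', scripts: {} },
};
console.log(audit(project, installed));
```

Installing with `npm install --ignore-scripts` keeps lifecycle hooks such as preinstall from running while a flagged package is reviewed.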

The attackers' motives are unknown, but it is assumed that the leak of information through GitHub (the comments were sent via an Issue and deleted within XNUMX hours) may have been carried out as an experiment to assess the effectiveness of the method, or that the attack was planned in several stages: in the first, data about the victims was collected, and in the second, which was not carried out because the packages were blocked, the attackers intended to release an update that would include more dangerous malicious code or a backdoor in a new release.

Source: opennet.ru