[email protected] and [email protected] are compromised · Issue #10604 · axios/axios
github.com
more details: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan Most likely, a maintainer's GitHub and npm accounts are compromised as these iss...
  • Armand1@lemmy.world
    10·
    1 day ago

    I was trying to figure out why people still use Axios, when the built-in fetch works just fine. Is it because people are still sending XML requests?

    • L_Acacia@lemmy.ml
      10·
      1 day ago

      It provides a lot of nice syntactic sugar that you would otherwise have to write a wrapper for on top of Fetch. Built in request interception, request transformation, (de)serialization, shared request config, timeout/retries management, …

      Though this definitely comes with bloat and supply chain risks.