am i safe to use next.js right now
Answered
English Angora posted this in #help-forum
English AngoraOP
i want to make a website using next.js but im scared i might accidently install something that has axios as a dependency is this a valid fear?
Answered by B33fb0n3
its good to be careful. Check the "Attack Timeline" here: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
As you can see, npm replaced the bad package with a security patch that wont harm anything. So even when using axios or other packages using it, you are safe
As you can see, npm replaced the bad package with a security patch that wont harm anything. So even when using axios or other packages using it, you are safe
6 Replies
English AngoraOP
oops i acidently made this post twice
What it got patched almost instantly
English AngoraOP
alright i just want to be careful
@English Angora alright i just want to be careful
its good to be careful. Check the "Attack Timeline" here: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
As you can see, npm replaced the bad package with a security patch that wont harm anything. So even when using axios or other packages using it, you are safe
As you can see, npm replaced the bad package with a security patch that wont harm anything. So even when using axios or other packages using it, you are safe
Answer
English AngoraOP
Ty
happy to help