alt Hacker NewsI had some dependency of a dependency installing crypto miners: it was pretty scary as we have not had this since wordpress. I saw a lot more people having this issue (there is a weird process consuming all my cpu). Like someone here already says: we need an Apache / NPM commons and when packages use anything outside those, big fat alarm bells should chime.
As others pointed out elsewhere, that wouldn’t have helped in this case as presumably it wouldn’t include a WhatsApp API, the purpose of this package. But it could help in general, sure.