Maybe now people can stop blaming npm and realize none of these unreviewed package ecosystem are safe.