Yes but they didn't do it properly. They only allow unpublishing if there are no dependants, which means it can't be used to pull a package version for security reasons.

It should be that within the first X hours you can pull a version regardless of dependants, after that you should need approval.