Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replaced piwik-pro-angular-tracking (package.json=>name) by proper package name @piwikpro/ngx-piwik-pro (as it's known by npmjs Registry) #13

Closed
wants to merge 1 commit into from

Conversation

andrii-lundiak
Copy link

@andrii-lundiak andrii-lundiak commented Feb 22, 2023

Maybe it's a reason of Issue #12

NPMjs.com clearly does hve ONLY one package with name @piwikpro/ngx-piwik-pro
https://www.npmjs.com/package/@piwikpro/ngx-piwik-pro

Bit this package is ALSO searchable by value piwik-pro-angular-tracking

When we install piwik-pro-angular-tracking LOCALLY it installs totally different package:

image

And contains ONLY two files:
image

README:

# Security holding package

This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.

Please refer to www.npmjs.com/advisories?search=piwik-pro-angular-tracking for more information.

package.json:

{
  "name": "piwik-pro-angular-tracking",
  "version": "0.0.1-security",
  "description": "security holding package",
  "repository": "npm/security-holder"
}

So the idea of this PR is TO AVOPID using that name whatsoever.

DISCLAIMER.
I don't know the history of these both packages. I am NOT maintainer.

Git Hub Actions result from MY fork:
image

@andrii-lundiak andrii-lundiak changed the title Maybe it's a reason of Issue #12 Replace piwik-pro-angular-tracking by proper package name @piwikpro/ngx-piwik-pro Feb 22, 2023
@andrii-lundiak andrii-lundiak changed the title Replace piwik-pro-angular-tracking by proper package name @piwikpro/ngx-piwik-pro Replaced piwik-pro-angular-tracking (package.json=>name) by proper package name @piwikpro/ngx-piwik-pro (as it's known by npmjs Registry) Feb 22, 2023
@andrii-lundiak
Copy link
Author

I do close this PR, because it's NOT correct code change, as I realized after @danieltwork comment under #11

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant