ChainAlert: new npm maintainer has published version 4.0.1 of package deep-eql
chainalert-bot opened this issue · comments
ChainAlert Bot commented
Dear deep-eql maintainers,
Thank you for your contribution to the open-source community.
We've noticed that chai, a new maintainer, just published version 4.0.1 of deep-eql to npm.
As part of our efforts to fight software supply chain attacks, we would like to verify this release is known and intended, and not a result of an unauthorized activity.
Tagging @chaijs (publisher of the previous version).
This issue was automatically created by ChainAlert.
If you find this behavior legitimate, kindly close and ignore this issue. Read more