Security issue: compromised npm packages of ua-parser-js (0.7.29, 0.8.0, 1.0.0) - Questions about deprecated npm package ua-parser-js

1 min read Original article ↗

Hi!

See a warning at npm - https://www.npmjs.com/package/ua-parser-js - This package has been hijacked. Please revert to 0.7.28

First question - Can we use range ^0.7.28, or it is not safe?

Second question - Will you create a new package, or try to remove hijacked versions and continue update this package?