npm Blog Archive: Binary Planting with the npm CLIThe npm blog has been discontinued. Updates from the npm team are now published on the GitHub Blog and the GitHub Changelog. tl;dr - Update to npm v6.13.4 as soon as possible on all your systems to fix a vulnerability allowing arbitrary path access. The Vulnerabilities In versions of npm prior to 6.13.3 (and versions of yarn prior to 1.21.1), a properly constructed entry in the package.json bin fi
