Malaware warning in NPM audit

[dlippy]

Just FYI someone is trying to upload a modified version of this package to NPM that is compromised. NPM audit returns:

react-native-blue-crypto *
Severity: critical
Malware in react-native-blue-crypto - GHSA-9gh9-3fw4-pv6j
No fix available
node_modules/react-native-blue-crypto

[Overtorment]

yes, im aware, we dont use npm, we use this package directly from github

[astriskit]

Hoping @Overtorment meant that this is not dangerous anymore.

[Overtorment]

Hoping @Overtorment meant that this is not dangerous anymore.

it was never dangerous if you use this package from github, not from npm. i dont publish my packages to npm