NPM Malware Search
This package will search in your package.json for packages listed here: Announcement.
Install
npm install --save-dev npm-malware-search
Running
From the command line:
$(npm bin)/search-for-those-mysterious-packages
Or if you prefer, add to package.json
:
"scripts": {
"search-for-those-mysterious-packages": "search-for-those-mysterious-packages"
}
and then run from command line:
npm run search-for-those-mysterious-packages
What to do if a mysterious package is found
From the announcement above:
If you downloaded and installed any of these packages, you should immediately revoke and replace any credentials you might have had in your shell environment.