Also they got hit with the most recent supply chain attacks on NPM. They aren’t exactly winning the security game.