There are rumours that was NX Console VS code extension
https://github.com/nrwl/nx-console/security/advisories/GHSA-...
https://www.stepsecurity.io/blog/nx-console-vs-code-extensio...
There are rumours that was NX Console VS code extension
https://github.com/nrwl/nx-console/security/advisories/GHSA-...
https://www.stepsecurity.io/blog/nx-console-vs-code-extensio...
UPD: it’s confirmed now by the CEO of Nx https://x.com/jeffbcross/status/2057236396658811020?s=46&t=_...
> One of our developers was compromised by a recent supply-chain compromise on Tanstack
...which in turn was caused by bad design of github's CI pipeline. Funny how it all comes back around like that.
Yeah..full circle
Sounds like another "why even bother" extension, made to automate things that shouldn't be automated
[dead]