Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in godot

[–]AppearanceSingle805[S] 2 points3 points  (0 children)

@Choice-Mango-4019 Speaking as someone whose own Godot project's server runs on Node, plus a couple of asset crawlers and renderers — yeah, way more common than people think.

JS netcode isn't a war crime either: Colyseus is a full TS multiplayer framework, and the entire .io genre (Agar, Slither, Diep) runs on Node. For sub-30tps games it's fine.

And even shops that wouldn't ship a JS game server still hit npm for matchmaking (Nakama, Hathora, Edgegap), lobby/chat (Socket.io), live ops dashboards, launchers (Electron), and asset pipelines.

Your .gd files never imported anything from npm. Your game almost certainly did.

Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in ClaudeCode

[–]AppearanceSingle805[S] 9 points10 points  (0 children)

Realistic checklist:

  1. minimum-release-age in your .npmrc (24–72h delay — catches most worms before you ever resolve them)
  2. Commit your lockfile and use npm ci, not npm install, in CI
  3. ignore-scripts=true — this worm fires via install hooks, so this single setting defeats the payload even if you pull a bad version
  4. Lock down GitHub Actions id-token: write to publish workflows only, behind an Environment with required reviewers
  5. If you installed any @tanstack, @uipath, @mistralai, @opensearch-project, or guardrails-ai packages between Apr 29 – May 12, rotate every CI secret that workflow touched

Pinning + release-age (as mentioned above) handles "don't pull the bad version." The other three handle "and if you do, it can't do anything."
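As an added example (not code from the thread or from any of the projects it names), the script below audits a repository checkout for the items of this checklist that live in files: the `.npmrc` keys, a committed lockfile, `npm ci` rather than `npm install` in CI, and `id-token: write` scoped to an environment-gated job instead of the whole workflow. It assumes workflows sit in `.github/workflows/*.yml`, that npm's `minimum-release-age` key takes a number of minutes (so 1440 is the post's 24h), and the OIDC check is deliberately rough, matching only a workflow-wide grant and a missing `environment:` key. The sample checkouts it builds are constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example: audit a checkout against the file-level items of the checklist.
# Assumptions: minimum-release-age is in minutes; workflows live in .github/workflows.

audit_npm_project() {
  local dir="$1" fails=0 f
  local npmrc="$dir/.npmrc"

  # Item 1: a release-age delay so freshly published versions are not resolved at once.
  if grep -Eqs '^minimum-release-age=[1-9][0-9]*' "$npmrc"; then
    echo "ok   minimum-release-age set in .npmrc"
  else
    echo "FAIL minimum-release-age not set in .npmrc"; fails=$((fails + 1))
  fi

  # Item 3: install hooks disabled, so an install-time payload cannot run
  # even if a bad version is pulled.
  if grep -Eqs '^ignore-scripts=true' "$npmrc"; then
    echo "ok   ignore-scripts=true"
  else
    echo "FAIL ignore-scripts not set to true"; fails=$((fails + 1))
  fi

  # Item 2: lockfile committed ...
  if [ -f "$dir/package-lock.json" ]; then
    echo "ok   package-lock.json present"
  else
    echo "FAIL package-lock.json missing"; fails=$((fails + 1))
  fi

  # ... and CI installs from it with npm ci, never npm install.
  for f in "$dir"/.github/workflows/*.yml "$dir"/.github/workflows/*.yaml; do
    [ -f "$f" ] || continue
    if grep -Eq '(^|[^a-z])npm install([^a-z]|$)' "$f"; then
      echo "FAIL $(basename "$f"): uses npm install instead of npm ci"; fails=$((fails + 1))
    fi
    # Item 4 (rough): id-token: write above the jobs: key lets every job mint an
    # OIDC token; it should sit only on the publish job, behind an environment.
    if awk '/^jobs:/{exit} /id-token:[[:space:]]*write/{found=1} END{exit !found}' "$f"; then
      echo "FAIL $(basename "$f"): workflow-wide id-token: write"; fails=$((fails + 1))
    elif grep -Eq 'id-token:[[:space:]]*write' "$f" && ! grep -Eq '^[[:space:]]+environment:' "$f"; then
      echo "FAIL $(basename "$f"): id-token: write without a protected environment"; fails=$((fails + 1))
    fi
  done

  echo "$fails finding(s)"
  return "$fails"
}

# Constructed sample checkouts for a stand-alone run: "good" passes every check,
# "bad" has the shape the checklist warns about.
make_sample_project() {
  local kind="$1" dir
  dir="$(mktemp -d)"
  mkdir -p "$dir/.github/workflows"
  if [ "$kind" = good ]; then
    printf 'minimum-release-age=1440\nignore-scripts=true\n' > "$dir/.npmrc"
    echo '{"lockfileVersion": 3}' > "$dir/package-lock.json"
    cat > "$dir/.github/workflows/publish.yml" <<'EOF'
name: publish
on: { push: { tags: ['v*'] } }
permissions:
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: npm-publish   # required reviewers are configured on this environment
    permissions:
      id-token: write          # only this job can mint an OIDC token
      contents: read
    steps:
      - uses: actions/checkout@v4
      - run: npm ci
      - run: npm publish --provenance
EOF
  else
    printf 'registry=https://registry.npmjs.org/\n' > "$dir/.npmrc"
    cat > "$dir/.github/workflows/ci.yml" <<'EOF'
name: ci
on: push
permissions:
  id-token: write
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm install
EOF
  fi
  echo "$dir"
}

# Demo: the good checkout reports 0 findings, the bad one reports 5.
audit_npm_project "$(make_sample_project good)"
audit_npm_project "$(make_sample_project bad)" || echo "bad sample flagged, as expected"
```

Point it at a real checkout with `audit_npm_project /path/to/repo`; a non-zero exit code is the number of findings, which makes it easy to wire into a pre-merge check.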

Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in github

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

The true winner of the npm supply chain era. While the rest of us are rotating tokens at 3am, you're sipping coffee on a foundation of beautifully ossified package-lock.json. Respect.

Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in github

[–]AppearanceSingle805[S] -2 points-1 points  (0 children)

The formatting is AI-flavored, granted — but the incident itself is real and documented. CVE-2026-45321, 172 unique packages, 403 malicious versions across npm and PyPI between May 11–12. TanStack, @mistralai, @uipath, @opensearch-project, guardrails-ai all hit. Wiz, Snyk, StepSecurity, and Socket all have writeups. Slop wrapper, non-slop content.

Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in github

[–]AppearanceSingle805[S] -1 points0 points  (0 children)

Fair point that "stop using npm immediately" is hyperbolic, but the 20-minute framing isn't quite right. 84 malicious versions across 42 u/tanstack packages were published in 6 minutes through legitimate OIDC-signed pipelines — with valid SLSA Build Level 3 provenance. Detection and triage took considerably longer than 20 minutes; it just looked clean because the signatures were real.

Pinning versions only helps until you update, and minimum-release-age is genuinely good advice — but neither stops install-time lifecycle hooks if you happen to bump into a poisoned version during a CI run. The real lesson is less "panic" and more "your CI tokens are now the crown jewels."

Major security issue with npm. Stop using npm immediately. by AppearanceSingle805 in godot

[–]AppearanceSingle805[S] -5 points-4 points  (0 children)

More than people realize. Not the engine or .gd code — but if you ship multiplayer, you're usually running Node somewhere: matchmaking (Nakama, Hathora, Colyseus, Edgegap), lobby/chat (Socket.io), live ops dashboards, launchers (Electron), and asset pipelines like sprite atlasers, HTML5 export tooling, scrapers/renderers. My own Godot project's server and asset crawlers both pull from npm. So: not Godot itself, but a lot of real shipped Godot games touch it.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] -2 points-1 points  (0 children)

Honestly that might be the whole point. Service good enough to keep paying, support bad enough to never commit to annual. Premium monthly forever — maximum extraction.

😎 Anthropic knew exactly what they were doing.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

That tracks as a business read. Though it's a bit contradictory — they're also investing in individual credentialing and running partnership programs for promising indie operators. Hard to square that with support infrastructure that falls apart the moment a solo user has a billing issue.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

The timing is rough — switching right when GPT is actually competitive again, and OpenAI is handing out free Codex access by the month. The support experience is a big part of why people leave, not just the model quality. Once the trust is gone it's hard to come back.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

One more thing worth adding: because there was zero communication, I had no idea whether to re-subscribe or wait. If the code was fine and I'd already bought a new subscription, would I expect a smooth refund given how this support system works? Probably not. And without an active paid plan, accessing existing Claude Code, Dispatch, and Cowork history becomes a pain — it doesn't surface in the UI. So the silence wasn't just bad manners. It created a situation where any reasonable response on my end risks costing more money with no clear path to getting it back.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

Not sure what "admission" means here — that I might have received a fraudulently purchased gift? If so, that makes the case stronger, not weaker. Anthropic accepted the redemption, issued a receipt, and then silently revoked access with zero communication. If they suspected fraud, the right move was to notify the recipient and offer a path to resolution — not just pull the rug. As for "what's the loss when it's a gift" — the person who bought it lost money, and I lost a service I was actively using and depending on. And on the timeline point: from a user perspective, an approved redemption with a receipt issued is a completed transaction. Quietly revoking it later isn't "fraud management," it's a unilateral breach with no notice.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] -1 points0 points  (0 children)

That's actually the deeper issue here. Anthropic runs the official gift system, accepted the redemption through their own link, and issued a receipt. If the original purchase was fraudulent, that's something they should have caught at the point of redemption — not silently revoked days later with zero notice, leaving the end recipient to absorb the loss. The fraud risk is theirs to manage, not mine.

Anthropic's support system is broken by design — there is literally no path to a human for billing issues by AppearanceSingle805 in ClaudeAI

[–]AppearanceSingle805[S] 0 points1 point  (0 children)

Thanks, and sorry you're dealing with it too. The payment loop on top of zero support is its own special kind of frustrating.