
NPM package with-redux was abused. reported, but NPM team didn't care. ️ - leadream
https://www.npmjs.com/package/with-redux
======
ZachTRice
When you send an email to security@npmjs.com, a "security point of contact,
who will delegate incident response activities as appropriate." per their
security documentation here:
[https://www.npmjs.com/policies/security](https://www.npmjs.com/policies/security)

I'm assuming because this package has relatively low impact, it was given a
triage rating of `P3` (also described on that documentation page). That means
it is "Low severity, fix within 180 days".

------
duxup
Isn't this just a link to the npm site for something with 5 downloads a week?

This doesn't seem to fit the title.

