[potential Security Alert] New `postinstall` script added in `extension-develop@3.5.0-next.1`


A new `postinstall` script was detected in version `3.5.0-next.1` of the package `extension-develop`.

**Script content:**
```
node -e "const fs=require('fs');const path=require('path');const entry=path.join(__dirname,'dist','postinstall.cjs');if(fs.existsSync(entry))require(entry);"
```
see [npm documentation on package scripts](https://docs.npmjs.com/cli/v9/using-npm/scripts) for more details.
and [the detector](https://github.com/alphaleadership/npm-check). to understand why this script might be dangerous.
to get the alert only for dangerous scripts, please visit[the telegram](https://t.me/npmalert)
This could be a security risk. Please investigate.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[potential Security Alert] New `postinstall` script added in `extension-develop@3.5.0-next.1` #375

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[potential Security Alert] New postinstall script added in extension-develop@3.5.0-next.1 #375

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

[potential Security Alert] New `postinstall` script added in `extension-develop@3.5.0-next.1` #375