Socket's alert caught the packages right after publish: the injected drainers were in @tanstack/query, table, router, etc., via a maintainer machine compromise. Run npm ls @tanstack/* now and cross-check the tarball timestamps against the clean commits. Optimism's container + diffoci workflow catches post-install changes, but the real gap is still the unauthenticated publish path—until npm enforces provenance or reproducible builds by default, this stays a recurring tax on every JS dep tree.
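The audit step the comment above describes (enumerate the installed `@tanstack/*` packages, then cross-check each installed version's registry publish time against the last known-clean point) can be scripted offline against a lockfile. The following is an added Python example, not code from the post or from the TanStack, Socket or Optimism projects; the lockfile, the registry `time` map, every version number, hash and timestamp in it are constructed placeholders, and the cutoff date is an assumption chosen for the sample.

```python
"""Audit a package-lock.json for packages in a watched npm scope and flag
versions that lack an integrity hash, are unknown to the registry time data,
or were published after a cutoff (e.g. the last clean release).

All sample data below is constructed for illustration, not real release data.
"""
import json
from datetime import datetime, timezone

# Constructed package-lock.json in the v3 layout npm 7+ writes.
SAMPLE_LOCK = json.dumps({
    "name": "app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"@tanstack/react-query": "^5.0.0"}},
        "node_modules/@tanstack/query-core": {
            "version": "5.0.0",
            "resolved": "https://registry.npmjs.org/@tanstack/query-core/-/query-core-5.0.0.tgz",
            "integrity": "sha512-PLACEHOLDER_CORE",
        },
        "node_modules/@tanstack/react-query": {
            "version": "5.0.1",
            "resolved": "https://registry.npmjs.org/@tanstack/react-query/-/react-query-5.0.1.tgz",
            "integrity": "sha512-PLACEHOLDER_REACT",
        },
        "node_modules/lodash": {
            "version": "4.17.21",
            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
            "integrity": "sha512-PLACEHOLDER_LODASH",
        },
        # Nested copy pulled in by another dependency; no integrity field,
        # so npm cannot verify this tarball on reinstall.
        "node_modules/some-lib/node_modules/@tanstack/table-core": {
            "version": "8.0.0",
            "resolved": "https://registry.npmjs.org/@tanstack/table-core/-/table-core-8.0.0.tgz",
        },
    },
})

# Constructed stand-in for the "time" map of each package's registry document
# (GET https://registry.npmjs.org/<name> returns {"time": {version: iso8601}}).
REGISTRY_TIME = {
    "@tanstack/query-core": {"5.0.0": "2025-01-10T12:00:00.000Z"},
    "@tanstack/react-query": {
        "5.0.0": "2025-01-10T12:05:00.000Z",
        "5.0.1": "2025-03-02T03:14:00.000Z",
    },
    "@tanstack/table-core": {},  # no time data available: treated as unknown
}


def installed_in_scope(lock_json, scope):
    """Return {name: lock entry} for every package under `scope`, including
    nested node_modules copies (the text after the last 'node_modules/' is
    the package name)."""
    packages = json.loads(lock_json).get("packages", {})
    found = {}
    for path, entry in packages.items():
        if not path:  # "" is the root project itself
            continue
        name = path.rsplit("node_modules/", 1)[-1]
        if name.startswith(scope + "/"):
            found[name] = entry
    return found


def _parse_iso(ts):
    # Registry timestamps end in 'Z'; normalise for datetime.fromisoformat.
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def audit(installed, registry_time, cutoff_iso):
    """Return (name, version, reason) findings for installed versions that
    have no integrity hash, are absent from the registry time data, or were
    published after `cutoff_iso`."""
    cutoff = _parse_iso(cutoff_iso)
    findings = []
    for name, entry in sorted(installed.items()):
        version = entry.get("version")
        if "integrity" not in entry:
            findings.append((name, version, "no integrity hash in lockfile"))
        published = registry_time.get(name, {}).get(version)
        if published is None:
            findings.append((name, version, "version not in registry time data"))
        elif _parse_iso(published) > cutoff:
            findings.append((name, version, f"published {published}, after cutoff"))
    return findings


if __name__ == "__main__":
    # Assumed cutoff: timestamp of the last release known to match clean commits.
    for finding in audit(installed_in_scope(SAMPLE_LOCK, "@tanstack"),
                         REGISTRY_TIME, "2025-02-01T00:00:00Z"):
        print(*finding)
```

In real use, `SAMPLE_LOCK` is replaced by the project's own `package-lock.json`, `REGISTRY_TIME` by the `time` field of each package's registry document, and the cutoff by the publish time of the last release whose tarball was verified against a clean commit. A version published after that point, or one with no lockfile integrity hash, is what merits a manual look before reinstalling.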