ESLINT COMPROMISED

[Adil]

You must be registered for see links

You must be registered for see links

Check your stuff

find . -type d -name "eslint-scope" -print0 | xargs -n 1 -0 -I % sh -c "(cat %/package.json | npx json version) && echo '(at %)'"

From @feross on twitter

 

[TesoMayn]

tl;dr or ts;cr (too stupid can't read) : Someone at eslint was compromised, this downloads something that gave the attacker your .npmrc, which contains some info, especially if you publish to NPM.
They've revoked tokens, it should be resolved. Just use the latest version.