npm accidentally marked a bunch of one-character packages as security holders, including c, i, n, x, several numbers, and even the - package.
The registry confirmed it was a tooling bug and said a rollback is underway.
socket.dev/blog/npm-too...
npm confirmed a tooling bug incorrectly marked several one-character packages as security holders and said it was working on a rollback.
