JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
This is a client generator that emits a typed client built on the standard fetch API (no axios dependency). Only use openapi-automatons.
The benchmark is a simple getting data example using a 50 TCP connections with a pipelining depth of 10 running on Node 22.11.0 ...