


Perceptive Security
SOC/SIEM Consultancy

Supply Chain Security Alert: eslint-config-prettier Package Shows Signs of Compromise
Published:
5 December 2025 at 11:50:29
Alert date:
5 December 2025 at 12:01:17
Source:
stepsecurity.io

StepSecurity is investigating a potential supply chain security incident involving the eslint-config-prettier npm package. The widely used package, which helps developers maintain consistent code formatting by turning off ESLint rules that conflict with Prettier, appears to have had multiple versions published with suspicious modifications. This is a significant supply chain risk given the package's widespread adoption in JavaScript development environments. The compromise could affect numerous downstream projects that depend on this popular configuration package.
Affected products:
eslint-config-prettier
npm
This article was created with the assistance of AI technology by Perceptive.