timeago.js

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

• MAL-2026-4156Malicious code in timeago.js (npm)
  May 19, 2026