You must’ve heard about the event-stream incident in which a popular npm package was given to a hacker by the own…