There is quite a controversy going on concerning NPM.
This guy removed his NPM libraries because of some legal issues. In the void left behind, not only were many projects broken, but the package appeared to be hijacked. Eventually it was confirmed that the new package is without harm, but this is a serious security issue. If one is to remove a package from NPM and someone with bad intensions takes over, it will automatially be installed in any project.
I’m just wondering, how does this affect Ember and are the Ember core developers aware of this issue?