TanStack weighs invitation-only pull requests after supply chain attack from www.theregister.com - Articles on 2026-05-18 14:15 (#75PRK) Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on unsolicited contributions
