120 points bavarianbob | 1 comments | 4/1/2025, 4:19:00 PM | HN request time: 0.204s | source

EDIT: Back online?!

NPM discussion: https://github.com/npm/cli/issues/8203

NPM incident: https://status.npmjs.org/incidents/hdtkrsqp134s

Cloudflare messaging: https://www.cloudflarestatus.com/incidents/gshczn1wxh74

GitHub issue: https://github.com/sindresorhus/camelcase/issues/114

Anyone experiencing npm outage that's more than just the referenced camelcase package?

Show context

tom_usher ◴[4/1/2025, 4:38:00 PM] No.43548817[source]▶

>>43548589 (OP) #

Seems to be a change in Cloudflare's managed WAF ruleset - any site using that will have URLs containing 'camel' blocked due to the 'Apache Camel - Remote Code Execution - CVE:CVE-2025-29891' (a9ec9cf625ff42769298671d1bbcd247) rule.

That rule can be overridden if you're having this issue on your own site.

replies(3): >>43549123 #>>43550078 #>>43550699 #

1. cbovis ◴[4/1/2025, 5:05:00 PM] No.43549123[source]▶

>>43548817 #

Confirmed here: https://www.cloudflarestatus.com/incidents/gshczn1wxh74

↑

Tell HN: Camelgate NPM Outage (Cloudflare)