Nope. post above is about Rust crates, but there have been a huge number of similar attacks on npm packages recently too.
Discussion
Pretty scary attack actually
https://www.paloaltonetworks.com/blog/cloud-security/npm-supply-chain-attack/
NPM
Package mostly installed from
Git hub repo , and sometimes they show you , like 4 moderate vulnerabilities until 3 severe vulnerability for example … always be cautions and careful to download . Sometimes there is so much version deprecated ⚠️