How many more examples of malware postinstall scripts do we need before Node quits running them by default, without warning?

All Composer packages (but the malicious part is in the node dependency)

Effected*

> Use effect as a noun to refer to a change resulting from something.