Broken dropper in @mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp

Mistral npm `@mistralai/mistralai`, `@mistralai/mistralai-azure`, `@mistralai/mistralai-gcp` were compromised by a supply chain attack related to the [TanStack security incident](https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx). An automated worm associated with the attack led to **compromised npm package versions being published**. Current investigation indicates that an affected developer device was involved. We have no indication that Mistral infrastructure was compromised. The compromised versions were removed from npm. They were available only between May 11 at 22\:45 UTC and May 12 at 01\:53 UTC. **Previous and later versions are not affected by this advisory**. ## Impact The dropper **is broken**, it has no impact. - `setup.mjs` references `tanstack_runner.js` but the payload file is named `router_init.js` - `execFileSync` throws `ENOENT` and the tmpdir is wiped before payload runs. Bun gets downloaded to a tmpdir but no payload execution. We still recommend removing the packages, see below for remediation. ## Check whether you are affected You are affected if one of the package versions above was installed in any environment **during the exposure window** or is present in a lockfile, build artifact, container image, package cache, or deployment image. | Package | Affected versions | |---|---| | `@mistralai/mistralai` | `2.2.2`, `2.2.3`, `2.2.4` | | `@mistralai/mistralai-azure` | `1.7.1`, `1.7.2`, `1.7.3` | | `@mistralai/mistralai-gcp` | `1.7.1`, `1.7.2`, `1.7.3` | Check installed versions: ```bash npm ls @mistralai/mistralai @mistralai/mistralai-azure @mistralai/mistralai-gcp grep -n -A 4 -B 2 -E '@mistralai/(mistralai|mistralai-azure|mistralai-gcp)|2\.2\.[2-4]|1\.7\.[1-3]' \ package-lock.json pnpm-lock.yaml yarn.lock 2>/dev/null ``` Look for any of the following files - `router_init.js` (embedded in all @tanstack packages): `ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c` - `tanstack_runner.js` (from git commit): `2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96` - `@tanstack/setup` package.json: `7c12d8614c624c70d6dd6fc2ee289332474abaa38f70ebe2cdef064923ca3a9b` You may also run this (read-only) [script](https://gist.github.com/beowolx2/a3ceeb18d1f1cec977d5cc6eaf41c96a) that will automatically flag known malicious files. You are not affected by this advisory if you did not install the affected package versions and they are not present in your lockfiles, build caches, deployment artifacts, or package mirrors. If the command finds an affected version, continue with the [remediation steps below](#remediate-affected-systems). If you use private package mirrors, caches, or container base images, check those copies too. ## Remediate affected systems 1. Stop using the affected package version immediately. 2. Clean systems where one of this package has been installed.