I’ve been following all the recent news about attacks on npm packages. Could this also affect packages in Sublime Text Package Control, such as the LSP packages?

If so, how do you deal with it, and how can you prevent it?

I’m trying to get a handle on all of this, since it’s still pretty new to me.