In `package.json`, it has a script `"preinstall": "node setup_bun.js"`
+ files `setup_bun.js` and `bun_environment.js` which are apparently is the malware.
I'm not sure the no-code approach is actually dead, but AI is certainly transforming it.
The main problem with AI (aka vibe coding) is that you can start very easily and, in one or two prompts, receive an impressive start for your website or app.
But once you want to change, fix or improve something, that's where you can lose your money. It always feels "almost there, but not yet".
That's exactly where the wysiwyg/drag-n-drop UX comes to the rescue.
And some smart vibe-coding tools (e.g. Lovable) started adding visual development capabilities.
1. UI (visual editor) that produces a schema of an application (sometimes it's called DSL (domain-specific language), or AST (abstract syntax tree), or meta-model (as @speedgoose wrote)).
2. Interpreter/compiler that converts the schema/DSL/AST/model of your application into the code. Sometimes it's compiling real text code like HTML/JS/CSS. Sometimes it's interpreting in runtime.
Usually, it should do both. Code for the output/export/deploy. Runtime for your editor's canvas or preview mode.