Hacker News
by u223344 3735 days ago
--ignore-scripts won't help much. The act of using any npm module means you implicitly trust all the JavaScript code in the module and any of its dependencies. Has anyone taken the time to inspect every line of the dozens of modules that many common packages pull in? Not likely.
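An added example, not part of the comment above and not anything from npm itself: it walks the transitive dependency closure of a root package from a set of package.json-style manifests and separates the packages whose install-time lifecycle scripts `npm install --ignore-scripts` would suppress from the full set whose module code still executes the first time it is required. The registry, package names and script commands below are constructed for illustration.

```javascript
// Constructed registry of package.json-like manifests (hypothetical names).
// Includes a dependency cycle (http-parser <-> cookie-jar), which real npm
// trees do contain, to show the walk terminates.
const REGISTRY = {
  'my-app':          { dependencies: { 'web-framework': '^1.0.0', 'cli-colors': '^2.0.0' } },
  'web-framework':   { dependencies: { 'http-parser': '^3.0.0', 'cookie-jar': '^1.1.0' } },
  'http-parser':     { dependencies: { 'native-bindings': '^0.4.0', 'cookie-jar': '^1.1.0' } },
  'cookie-jar':      { dependencies: { 'http-parser': '^3.0.0', 'cli-colors': '^2.0.0' } },
  'native-bindings': { scripts: { install: 'node-gyp rebuild' }, dependencies: {} },
  'cli-colors':      { scripts: { postinstall: 'node ./scripts/say-thanks.js' }, dependencies: {} },
};

// Lifecycle hooks npm runs at install time; these are what --ignore-scripts blocks.
const INSTALL_TIME_SCRIPTS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Breadth-first walk over `dependencies`, returning every transitive dependency
// of `root` exactly once (root excluded). The `seen` set makes cycles harmless.
// A missing manifest is an error, not something to skip silently.
function transitiveDependencies(registry, root) {
  const seen = new Set();
  const queue = [root];
  while (queue.length > 0) {
    const name = queue.shift();
    const manifest = registry[name];
    if (!manifest) throw new Error(`no manifest for ${name}`);
    for (const dep of Object.keys(manifest.dependencies || {})) {
      if (!seen.has(dep)) {
        seen.add(dep);
        queue.push(dep);
      }
    }
  }
  return [...seen].sort();
}

// True if the manifest declares any install-time lifecycle script.
function hasInstallTimeScript(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_TIME_SCRIPTS.some((hook) => typeof scripts[hook] === 'string');
}

// Split the closure into the subset --ignore-scripts affects and the whole set
// you still trust: every package's top-level module code runs on require(),
// flag or no flag.
function trustReport(registry, root) {
  const deps = transitiveDependencies(registry, root);
  return {
    totalPackagesTrusted: deps.length,
    blockedByIgnoreScripts: deps.filter((d) => hasInstallTimeScript(registry[d])),
    stillExecutedAtRequire: deps,
  };
}

const report = trustReport(REGISTRY, 'my-app');
console.log(`transitive dependencies of my-app: ${report.totalPackagesTrusted}`);
console.log(`install scripts --ignore-scripts would skip: ${report.blockedByIgnoreScripts.join(', ')}`);
console.log(`code that still runs on require(): ${report.stillExecutedAtRequire.join(', ')}`);
```

Pointing this at a real tree means reading each `node_modules/*/package.json` into the registry map; the walk and the report are unchanged. The gap between the two lists is the comment's point: the flag removes two install hooks here, while all five packages' code still loads into the process.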