Hacker News
by dmethvin 3742 days ago
> "As a responsible developer you will, of course, want to verify that any package upgrades function as advertised. The real world is a messy place; there’s nothing we can do about that but be vigilant."

Being a programmer you may, of course, try to automate that verification process with something like greenkeeper.io. That opens up its own kind of exploit opportunities.

https://twitter.com/davemethvin/status/711181897712455680