|
|
|
|
|
|
by phpnode
3079 days ago
|
|
|
from the blog post: > the integrity of these 106 packages were never jeopardized. are we operating with different definitions of jeopardy here? 106 packages were absolutely at risk of harm during this window. The fact that some community members stepped up is irrelevant, a bad actor could have done a lot of damage here.
I think this blog post is completely disingenuous, and doesn't make me trust npm. |
|
|
0x0 claimed the code uploaded as duplexer3 was "undesirable code" and implied that it was a "malicious actor". It was completely utterly benign.