Y
Hacker News
new
|
ask
|
show
|
jobs
by
yunong
3080 days ago
Has the community discussed adding cryptographic signatures to npm packages? It's generally a good idea in any case, but this outage further highlights the security risks of a public registry where packages are not signed.