Y
Hacker News
new
|
ask
|
show
|
jobs
by
siddhant
2872 days ago
If they can inject something like that in the output, they can also do something funky on your dev machine. Which means I shouldn’t be installing
any
npm package.
1 comments
Walkman
2872 days ago
You are correct! :D
link