|
|
|
|
|
|
by acdha
2506 days ago
|
|
|
How often do you see that in cases where someone wasn’t going to run the software anyway? I’m not sure how much of a risk this is adding now that HTTPS has become routine — is it really better to install a tarball, unaudited package on NPM/PyPI/etc.? |
|
|