Hacker News
by AQXt 1969 days ago
How about `npm`, `pip`, `cpan`?...

We have seen bad updates breaking the entire JavaScript ecosystem, but they were not intentional.

All it takes to inject a bad dependency is a burned out developer willing to delegate his free project to someone else...