by jacques_chester
1693 days ago
I would say that it's not that different from others I've seen, just more visible because of the size and activity of the repository. One thing NPM does (and I believe Python too) is to allow install scripts -- this has been a reliable vector for attackers to steal credentials. Not every package repository system has that.
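A defender's view of the install-script point in the comment above, as an added example that is not part of the original comment: it lists which dependencies declare npm install-time lifecycle scripts (`preinstall`, `install`, `postinstall`) so they can be reviewed before they run. The package names, the sample manifests and the reviewed-allowlist idea are constructed assumptions.

```javascript
// Added example: works on already-parsed package.json objects so it runs offline.
// npm lifecycle hooks that execute on the installing machine.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Return the install-time hooks a manifest declares, as [{ hook, command }].
// Missing, non-object, or blank script entries are ignored.
function installHooks(manifest) {
  const scripts =
    manifest && typeof manifest.scripts === "object" && manifest.scripts !== null
      ? manifest.scripts
      : {};
  return INSTALL_HOOKS
    .filter((h) => typeof scripts[h] === "string" && scripts[h].trim() !== "")
    .map((h) => ({ hook: h, command: scripts[h] }));
}

// Report every package with install hooks that is not on the reviewed list.
// `reviewed` is a hypothetical allowlist of "name@version" strings.
function auditManifests(manifests, reviewed = new Set()) {
  const findings = [];
  for (const m of manifests) {
    const id = `${m.name}@${m.version}`;
    const hooks = installHooks(m);
    if (hooks.length > 0 && !reviewed.has(id)) findings.push({ id, hooks });
  }
  return findings;
}

// Constructed sample manifests (not real packages).
const SAMPLE = [
  { name: "pad-util", version: "1.0.0", scripts: { test: "node test.js" } },
  { name: "native-thing", version: "2.3.1", scripts: { install: "node-gyp rebuild" } },
  { name: "odd-helper", version: "0.0.7", scripts: { preinstall: "  ", postinstall: "node setup.js" } },
  { name: "no-scripts", version: "4.0.0" },
];

for (const f of auditManifests(SAMPLE, new Set(["native-thing@2.3.1"]))) {
  console.log(f.id, f.hooks.map((h) => `${h.hook}: ${h.command}`).join("; "));
}
```

Installing with `npm install --ignore-scripts` (or `ignore-scripts=true` in `.npmrc`) keeps these hooks from running until the flagged packages have been reviewed.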