Y
Hacker News
new
|
ask
|
show
|
jobs
by
ptx
1680 days ago
You do need to trust
somebody
(such as your Linux distribution of choice) but with NPM you're trusting thousands of somebodies and your system's security depends directly on
all
of them being secure and trustworthy.
1 comments
elevader
1680 days ago
Yeah, that is true. And npm as a whole doesn't really have a good track record in being worthy of a lot of trust.
link