Hacker News new | ask | show | jobs
by marcus_holmes 1612 days ago
Nothing. These are also very, very dangerous and expose your site to supply-chain attacks.

The article linked to here [0] which is a must-read for everyone who feels that adding a dependency is safe.

[0] https://medium.com/hackernoon/im-harvesting-credit-card-numb...