Y
Hacker News
new
|
ask
|
show
|
jobs
by
stagas
1550 days ago
You can mitigate against those kinds of attacks using npm's `--before` option:
npm i --before=`date -I -d '-5 days'`
It will only install packages released before the specified date.