Y
Hacker News
new
|
ask
|
show
|
jobs
by
jdcaron
1152 days ago
Yes, and second analysis by an independent party:
https://socket.dev/blog/npm-provenance