|
|
|
|
|
|
by jcpsimmons
1119 days ago
|
|
|
There are no security implications other than those brought by the user. Freeze and host your own copies of libraries in an overlay (or write your own). The developer chooses which packages to use and from where, VERY explicitly and with a SHA which is far more secure than NPM for example (which is in production…everywhere) |
|
|