by sanitycheck 1032 days ago
That's so interesting, GCHQ! I don't know if that makes me trust it more or less than other random code online. (It's a little like installing some nice free software from the friendly people at the NSA, in case you're unfamiliar.)

I did have a quick look at the repo, in case there were some useful security practices I could learn from. But it's just your standard NPM dependencies with a 20K-line package-lock.json. I wonder if perhaps they don't use it internally. Or if they do, perhaps they shouldn't.