|
|
|
|
|
|
by drchaos
604 days ago
|
|
|
If npm or Ubuntu would deliberately replace a package with their own implementation, without giving you notice or making this opt-in, would you call that a supply-chain attack? I would, unless the original package contained malicious code (which is not the case with WPE's custom fields plugin) |
|
|
Sometimes a patch isn’t enough so there is something like SilverWolf. That’s kinda like ACF/SCF.