Y
Hacker News
new
|
ask
|
show
|
jobs
by
vlovich123
277 days ago
Seems like identical approach to the npm phishing attempts. There was some good suggestions last time like locking down the ability to upload packages for a few days after a security change.