Y
Hacker News
new
|
ask
|
show
|
jobs
by
yawaramin
276 days ago
I think that depends on...how are these malicious changes actually getting into these packages? It seems very mysterious to me. I wonder why npm isn't being very forthcoming about this?