|
|
|
|
|
|
by MetaWhirledPeas
276 days ago
|
|
|
Yes. For instance when we had that crypto malware npm fiasco a few days back I happened to be updating one of my packages. The audit lit up with dozens of critical issues, but of course this was after it installed everything. Luckily I had disabled install scripts so it became a matter of not running the code until I could get it reverted back. |
|
|