Hacker News new | ask | show | jobs
by zahlman 204 days ago
> One key shift is there is no packager anymore. Its just - trust the publisher.

Repositories like NPM's, and PyPI, contain many more packages than any Linux distro. And the Linux Foundation actually gets funded.
1 comments
calvinmorrison 204 days ago
NPM isn't a package repository it's more akin a code repository.

There's a reason why most distributions dont ship upstream (except basically Arch)

link