by consp 86 days ago
And yet npm install [package with 1000 recursive dependencies] is not considered a supply chain risk at all to those security/compliance jarls.
Let alone having to check all licenses...