[tubs]

Yeah like npm! Don’t think there’s ever been security issues in that.

[saintfire]

I download all apps on my phone from the bleeding edge of npm. /s

When npm has supply chain attacks it's still news.

On Google Play Store its actually noteworthy when an app isn't some level of malware loaded with ads and questionable permissions.