Y
Hacker News
new
|
ask
|
show
|
jobs
by
smallpipe
44 days ago
OP is suggesting that a supply chain attack would be bad now, and to reduce that risk by not installing/updating NPM packages.