Y
Hacker News
new
|
ask
|
show
|
jobs
by
omcnoe
31 days ago
These malicious packages are being caught by the authors, and by automated package security scanners, not just by end users. npm should start setting this 7 day cooldown as default.
1 comments
andix
31 days ago
Even 12 hours would probably be enough. Those automatic malware scanning companies are getting really fast.
link