|
|
|
|
|
|
by Barbing
29 days ago
|
|
|
Nobody can expose themselves during the danger period Dev enforces cooldown on users, not users deciding they want to be safer. Dev has extra step of ensuring they check their accounts every ~23hr indefinitely. The simple cooldown scenario sees potentially thousands of downloads of a malicious package. The 24 hour developer delay scenario sees zero downloads during the same period. |
|
|