Y
Hacker News
new
|
ask
|
show
|
jobs
by
bakkoting
36 days ago
These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages.