Y
Hacker News
new
|
ask
|
show
|
jobs
by
Rp8yXmdmr
12 days ago
You are absolutely right. The dangerous part of NPM packages is the post-install
script
. Therefore moving from JavaScript to Java removes the threat.
1 comments
OrangeMusic
12 days ago
You joke but, yeah, when you think about it, the problem with Javascript is the 'script' part. That's actually correct.
link