Y
Hacker News
new
|
ask
|
show
|
jobs
by
gear54rus
3 days ago
Then don't use it. Just don't presume to tell me if I can or can't.
3 comments
dgellow
3 days ago
Given that has an impact over the whole industry, I will for sure tell you that patching
on install
SHOULD NOT be a thing. Up to you to run your own post install script yourself
link
port11
3 days ago
You’re free to allow scripts as per the linked docs for NPM 12. But the vast majority of us will appreciate the reduced attack surface.
link
jeremyjh
3 days ago
TFA explains how this works, and how to opt out.
link