by panhandlr 4198 days ago
Looks like they built their NSA spy module out of coffeescript, neato

Huh?
In today's climate I would be extremely wary of npm installing any core bitcoin tech without a serious line-by-line audit of the source.
Why would this be more true of npm than any other package manager for any scripting language?
I would guess his paranoia is more general than directed at npm directly. However, it's a fair point that NPM allows anyone to push projects with no oversight, whereas many other package manager inventories are maintained and curated.