Hacker News
by
panhandlr
4201 days ago
In today's climate I would be extremely wary of npm installing any core bitcoin tech without a serious line-by-line audit of the source.
1 comments
taylorwc
4201 days ago
Why would this be more true of npm than any other package manager for any scripting language?
elif
4201 days ago
I would guess his paranoia is more general than directed at npm directly. However, it's a fair point that NPM allows anyone to push projects with no oversight, whereas many other package manager inventories are maintained and curated.