Items tagged with: NPM
‘No Way To Prevent This,’ Says Only Package Manager Where This Regularly Happens | Kevin Patel
「 “It’s a shame, but what can you do? This is just the price of building modern web apps,” said Senior Frontend Engineer Mark Vance, echoing the sentiments of a community that completely relies on a 40-level-deep nested tree of unvetted packages maintained by pseudonymous strangers to capitalize a single string 」
kevinpatel.xyz/posts/no-way-to…
SAN FRANCISCO, CA - In the wake of a devastating supply chain attack in the npm registry that left millions of enterprise applications compromised and billions of user records exposed, developers across the JavaScript ecosystem expressed deep sorrow …
Kevin Patel
