
NPM Security Insights API - Vector919
https://blog.npmjs.org/post/188234999089/new-security-insights-api-sneak-peek
======
actionowl
They are revealing to the public if a package maintainer used Tor or 2FA. I do
not think that information should be made public.

