
The Node.js Ecosystem Is Chaotic and Insecure - pplonski86
https://medium.com/commitlog/the-internet-is-at-the-mercy-of-a-handful-of-people-73fac4bc5068
======
greenyoda
Note: From March, 2018.

Discussions from the original posts, for those who are interested:

[https://news.ycombinator.com/item?id=16900545](https://news.ycombinator.com/item?id=16900545)

[https://news.ycombinator.com/item?id=17143222](https://news.ycombinator.com/item?id=17143222)

------
austincheney
If developers cared about security or their users they would managed their
dependencies directly. Most developers don’t cared because they don’t wish to
be inconvenienced.

That isn’t primarily an ecosystem problem. It is a bad developer problem
justified by common practice.

