Hacker News new | comments | show | ask | jobs | submit login

It is absolutely reasonable to be skeptical of every package. You probably shouldn't be on the bleeding edge of packages and likely ought to have locally stored packages.

You of course need to audit and improve your local store, but you need to do that with your dependencies anyway




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: