Hacker News new | past | comments | ask | show | jobs | submit login

That's a massive burden on the poor person who has to ok the package - especially at NPM's scale, for example.

We believe npm's scale is a direct result of having the lowest ceremony to publish a package. Turning the dial in the direction we did has pros and cons.

Well, ideally you'd set up some sort of system where multiple people work on managing a repository, similar to maybe how linux distributions package applications and libraries.

NPM's scale is the exception, rather than the rule.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact