Maybe a compromise would be some sort of obvious notification (via the website a... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

softawre on Nov 26, 2018 | parent | context | favorite | on: Backdoor in event-stream library dependency

Maybe a compromise would be some sort of obvious notification (via the website and also via the npm cmdline software) if a maintainer changed.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact