Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
fc417fc802
on March 26, 2025
|
parent
|
context
|
favorite
| on:
Malware found on NPM infecting local package with ...
I'm mostly on board with that dichotomy except that I think it's also important that all fetched artifacts either come from a VCS or are similarly cryptographically versioned and all historical versions made available in a reliable manner.
robinsonb5
on March 26, 2025
[–]
Yes, absolutely - I can't disagree with that.
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
