@btaf45 to TechnologyEnglish • 1 day agoHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.comexternal-linkmessage-square31arrow-up1217arrow-down12cross-posted to: [email protected][email protected][email protected][email protected][email protected]
arrow-up1215arrow-down1external-linkHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.com@btaf45 to TechnologyEnglish • 1 day agomessage-square31cross-posted to: [email protected][email protected][email protected][email protected][email protected]
minus-square@LavenderDay3544linkEnglish2•2 hours agoI really think every package repository should be opt in and every publisher should be required to verify their identity and along with checksum verification for the downloaded files.
I really think every package repository should be opt in and every publisher should be required to verify their identity and along with checksum verification for the downloaded files.