Comment by bbarnett
3 months ago
It's a problem solved decades ago, as you say. Devs, not caring about security or trust, just found it inconvenient.
This will probably be reigned in soon. Many companies I know are backing away from npm/node, and even composer. It's just too risky an ecosystem.
No comments yet
Contribute on Hacker News ↗