Comment by Sankozi
2 months ago
It is not package managers. It is due to the poor NPM ecosystem: lots of crappy packages (like left-pad), auto updates, lots of dependencies, post install scripts, insecure language.
These security problems happen much less often in other ecosystems. There is nothing even remotely as bad as NPM.