Slacker News Slacker News logo featuring a lazy sloth with a folded newspaper hat
  • top
  • new
  • show
  • ask
  • jobs
Library
← Back to context

Comment by Sankozi

2 months ago

It is not package managers. It is due to the poor NPM ecosystem: lots of crappy packages (like left-pad), auto updates, lots of dependencies, post install scripts, insecure language.

These security problems happen much less often in other ecosystems. There is nothing even remotely as bad as NPM.

0 comments

Sankozi

Reply

No comments yet

Contribute on Hacker News ↗

Slacker News

Product

  • API Reference
  • Hacker News RSS
  • Source on GitHub

Community

  • Support Ukraine
  • Equal Justice Initiative
  • GiveWell Charities