Comment by vrighter
1 day ago
The more people use this, the less useful it becomes for everyone. If everyone uses this, then everyone would still be using a particular package for the first time at the same time. What then? Release another package that extends the delay to 6 months?
Malicious packages aren’t just found because someone gets pwned, there are organizations out there proactively scanning for this stuff.