Comment by internet_points
7 hours ago
but if you `cd project && npm install compromised-package` then compromised-package's setup script can still read your env vars, right?
7 hours ago
but if you `cd project && npm install compromised-package` then compromised-package's setup script can still read your env vars, right?
No comments yet
Contribute on Hacker News ↗