Comment by internet_points
5 hours ago
but if you `cd project && npm install compromised-package` then compromised-package's setup script can still read your env vars, right?
5 hours ago
but if you `cd project && npm install compromised-package` then compromised-package's setup script can still read your env vars, right?
No comments yet
Contribute on Hacker News ↗