Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
twistedpair
27 days ago
|
parent
|
context
|
favorite
| on:
Shai-Hulud Returns: Over 300 NPM Packages Infected
Good point, but until many popular packages stop requiring install.sh to operate, you'll still need to allowlist some of them. That is built into the PNPM tooling, luckily :)
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
