SahAssar 5 days ago

> But never ever anyone was rooted because of malware that was snuck into an official .deb package.

We got pretty close with the whole XZ thing. And people generated predictable keys due to a flaw in a Debian patch to OpenSSL.

This stuff is hard, and I'm not saying that npm is doing well, but it seems like no large ecosystem is doing exceptionally well either.

cenamus 4 days ago

I'd say just about every major Linux dist is doing about 2 orders of magnitude better than npm