| ▲ | brazzy 3 days ago | |
I feel attacked. And very, very happy that we're proxying all access to npm through Artifactory, which allowed us to block the affected versions and verify that they were in fact never pulled by any of our builds. | ||
| ▲ | Aeolun 3 days ago | parent | next [-] | |
Only problem is the artifactory instance is on the other side if the world instead of behind the convenient npmjs CDN, so installing packages takes 5x longer.. | ||
| ▲ | pixl97 3 days ago | parent | prev [-] | |
About to say, if you're in a company of any size and you're not doing it this way, you're doing it wrong. | ||