| ▲ | rochak an hour ago | |
If this is what will take for folks to move away from JS ecosystem, I'll take it. | ||
| ▲ | czbond 10 minutes ago | parent | next [-] | |
I am not a JS dev, but had to interact with the ecosystem some. It became so bad I won't install anything without it being in a Docker or Podman container. | ||
| ▲ | renox an hour ago | parent | prev | next [-] | |
Bah, I think that these kind of vulnerabilities exist in any "packaging ecosystem" where the base language offer "ambient authorities"(any library can access your filesystem) which is .. all of them! AFAIK only research languages do not provide these ambient authorities :-( | ||
| ▲ | jollyllama 39 minutes ago | parent | prev | next [-] | |
This x1000. This is the culmination of 15 years of frontend dev culture. Why does RedHat even have an NPM repo? | ||
| ▲ | kogasa240p 30 minutes ago | parent | prev [-] | |
Seconded | ||