| ▲ | ashu1461 2 hours ago | |||||||
This makes me think whether npm (and other registries) should apply security requirements based on ecosystem impact. Example a package having millions of downloads can have special security measures enforced. | ||||||||
| ▲ | madeofpalk 2 hours ago | parent [-] | |||||||
What would be a security measure that should only be selectively enforced? | ||||||||
| ||||||||