You must log in or register to comment.
“No Way To Prevent This” Says Only Package Manager Where This Regularly Happens*
*
This is a joke about gun violence.
Real question? Is it really isolated to npm or is there a few lessons others could take and discover their own vulnerabilities?
It happens in python pip too.
Arch checking in. It may happen less. But it still does.
To be fair to Arch, the AUR was always advertised as a caveat emptor type thing. It never really claimed to be secure in the first place.
“Bless the Maker and His water.
Bless the coming and going of Him.
May His passage cleanse the world.
May He keep the world for His people.”
