• AgreeableLandscape · ↑3 · 2 years ago

    Or in terms of the GitHub analogy, this would be like malware making its way into somewhere like a distro’s package manager.

      • AgreeableLandscape · ↑1 · 2 years ago

        Which is why NPM is such a terrible package manager and devs of mission-critical codebases think twice about trusting it to not screw them over.