<rant>Two years ago I sat in on a security meeting. The subject was protecting the code and associated websites from attack. "I'd just attack the npm packaging system, introducing subtle changes in several that would work together to do whatever I wanted." All I got was blank