this post was submitted on 28 Jun 2023
7 points (100.0% liked)

JavaScript

1700 readers
7 users here now

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
7
NPM registry vulnerable to 'manifest confusion' abuse (www.theregister.com)
submitted 1 year ago by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 2 points 1 year ago (1 children)

Counter question: what part of npm is not vulnerable to attacks?

[โ€“] [email protected] 1 points 1 year ago* (last edited 1 year ago)

your nickname (almost) fits the question xD.

On a more serious note, not all is doom and gloom in NPM, they have improved a lot during these past years.