Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
rronalddas
on Jan 10, 2022
|
parent
|
context
|
favorite
| on:
What NPM should do to stop a new colors attack
Yeah, it can be done easily using lockfiles, both yarn and npm allow that. You would seldom run npm update directly in production without testing the updated deps first
Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
