Okay then, explain to me why this is only possible with NPM? Does it have a hidd... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		AndroTux 10 days ago \| parent \| context \| favorite \| on: Shai-Hulud Returns: Over 300 NPM Packages Infected Okay then, explain to me why this is only possible with NPM? Does it have a hidden "pwn" button that I don't know about?

liveoneggs 10 days ago | [–]

https://docs.npmjs.com/cli/v8/using-npm/scripts

tonyedgecombe 9 days ago | | [–]

>Does it have a hidden "pwn" button that I don't know about?

Perhaps its package owners do.

deafpolygon 10 days ago | [–]

NPM executes packages as you download them.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact