alt Hacker NewsThat’s why I switched to Java.
Replies
UqWBcuFx6NV4r • today at 1:55 PM
…. lol
mschuster91 • today at 2:36 PM
Meh maven plugins are just as juicy a target as npm is
➕ show 2 replies
That’s why I switched to Java.
…. lol
Meh maven plugins are just as juicy a target as npm is
You are absolutely right. The dangerous part of NPM packages is the post-install script. Therefore moving from JavaScript to Java removes the threat.