Why did this happen to NPM and not another system? Partly, NPM is just a big target. But partly because NPM modules are tiny, so there are more modules and maintainers, which means more attack surface area. Create-react-app 2.1.1 installs 1,770 dependencies (excluding dupes).
21:39 PM - 26 Nov 2018
51152
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Be very careful of adding dependencies
It's easier said than done.
For example: