Skip to content
loading...

re: ESLint and the Problem with NPM VIEW POST

TOP OF THREAD FULL DISCUSSION
re: It's really complex problem hard to address. In my opinion, it all come down to everyone responsibility. You have to check the stability of your d...

In my opinion, it all come down to everyone responsibility. You have to check the stability of your direct dependencies and correct if need be.

Tooling should help though. npm-audit goes in the right direction

Hum yes, but it only warn for know issues. Which is good, but lack the human inspection for new vulnerabilities.

yeah sure, it can't warn for something that's unknown.

Maybe in the future we'll have AI that can help with this sort of things, in the meantime we just need to do better.

code of conduct - report abuse