re: How do we improve security in the npm ecosystem?

Yeah but then a smart attacker would just release an innocuous major version and then slip in the malware in the next minor one.
