npm is a complete fucking security nightmare. all those dependencies you're pulling in? yeah, you're just asking for a supply chain attack. never trust user input. And never blindly install random packages.
0
0
0
no replies yet