>Who checks the code? This is not specific to NPM. You can ask the same question... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

finchisko on May 23, 2018 | parent | context | favorite | on: Ask HN: How secure is the JavaScript NPM eco-syste...

>Who checks the code?

This is not specific to NPM. You can ask the same question for any language repository. And the answer will be in the most cases same.

Blackstone4 on May 23, 2018 [–]

True but with NPM, I feel like the surface area is much larger because of the number of modules.

If you use Golang, then you'll mostly be using the stdlib plus some libraries. A much smaller surface area and checking that code becomes more feasible.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact