*> eslint's dependency tree* And if you turn on devDependencies (top right), it ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mh- on March 15, 2025 \| parent \| context \| favorite \| on: Tj-actions/changed-files GitHub Action Compromised... > eslint's dependency tree And if you turn on devDependencies (top right), it goes from 85 to 1263.

Terr_ on March 15, 2025 [–]

I'd also emphasize out that there's nothing safe about it being "only dev", given how many attacks use employee computers (non-prod) as a springboard elsewhere.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact