
> npm packages

This has nothing to do with what I said. npm is not a trusted or a FLOSS repository.

> we don't live in fairyland

When did you see malware in Debian's repositories last time?




It never came to Debian and was the work of a tremendous effort. This almost never happens, and when it does, practically nothing can protect you.



