Oh, I don't npm. If I can't yum (et.al.) install it I absolutely review the past... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		irishcoffee 3 months ago \| parent \| context \| favorite \| on: Lotusbail npm package found to be harvesting Whats... Oh, I don't npm. If I can't yum (et.al.) install it I absolutely review the past major point releases for an hour and do my research on the library.

SoftTalker 3 months ago [–]

Is there any guarantee that yum (et. al.) packages are audited?

irishcoffee 3 months ago | [–]

What would qualify as a "guarantee" for you?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact