Installing 3rd party packages the way Node and Python devs do regularly _is_ a security hole.
We definitely agree on that. Fortunately some of the 600+ comments here include suggestions of what to do about it.
alt Hacker News
We definitely agree on that. Fortunately some of the 600+ comments here include suggestions of what to do about it.