logoalt Hacker News

andyfilms1yesterday at 9:00 PM0 repliesview on HN

Package manager incidents (like leftpad) have shown that just because it's open source doesn't mean it can't do damage to your project.