Companies such as Socket and SafeDep will still scan new packages and alert on malware (if they are able to detect it), so the packages are taken down before they pass your cooldown.
It’s kind of insane this doesn’t happen in the publish pipeline by default.