logoalt Hacker News

ashu1461yesterday at 10:26 PM1 replyview on HN

This makes me think whether npm (and other registries) should apply security requirements based on ecosystem impact. Example a package having millions of downloads can have special security measures enforced.


Replies

madeofpalkyesterday at 10:26 PM

What would be a security measure that should only be selectively enforced?

show 2 replies