btaf45@lemmy.world to Technology@lemmy.worldEnglish · 5 hours agoHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.comexternal-linkmessage-square15fedilinkarrow-up195arrow-down11
arrow-up194arrow-down1external-linkHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.combtaf45@lemmy.world to Technology@lemmy.worldEnglish · 5 hours agomessage-square15fedilink
minus-squareorclev@lemmy.worldlinkfedilinkEnglisharrow-up10·4 hours agoNPM has that as well. In fact most languages and build tools support that. It’s actually rare to not have support for that these days.
minus-squareArghblarg@lemmy.calinkfedilinkEnglisharrow-up2·4 hours agoAh, good. I wonder why it isn’t used more often – this wouldn’t be such a huge problem then I would hope. (Let me guess – ‘convenience’, the archenemy of security.)
NPM has that as well. In fact most languages and build tools support that. It’s actually rare to not have support for that these days.
Ah, good. I wonder why it isn’t used more often – this wouldn’t be such a huge problem then I would hope. (Let me guess – ‘convenience’, the archenemy of security.)