
Incidents like this show how fragile the supply chain really is. One compromised maintainer account can affect thousands of projects. We need better defaults for package signing + automated trust checks, otherwise we’ll just keep repeating the same cycle.

