Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
@ThaOneDude Thats what makes it so scary...
-
This is really the result of lazy developers, and getting pwned by this kind of shit is your own damn fault. If you don't know what you're installing, you're really asking for it. As the author said:
"Lucky for me, we live in an age where people install npm packages like they’re popping pain killers." -
@threevolve Totally agree from the service providers perspective. Not so much from the perspective of an average web user that gets his data stolen.
-
@PeteDev Agreed.
Wow! This is a truly terrifying, yet fictional scenario. Malware by npm: https://hackernoon.com/im-harvestin...
rant