Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Obviously way too easy to take over these 'orphaned' packages if it can be done in an automated manner. GitHub/NPM/etc doesn't have this issue, they need to stop equivicating. Sounds more like an anonymous FTP site.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: