Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
PxldLtd
6 months ago
|
parent
|
context
|
favorite
| on:
Behind the scenes of Bun Install
That doesn't prevent supply chain attacks. Dev dependencies are still software dependencies and add a certain level of risk.
arcfour
6 months ago
|
next
[–]
This is needlessly pedantic unless you are writing from an OS, browser, etc. that you wrote entirely by yourself, without using an editor or linter or compiler not written by you, in which case I tip my cap to you.
bakkoting
6 months ago
|
prev
[–]
Only in the sense that any other software on the developers' machines adds a certain level of risk.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
