@general https://blog.vlt.sh/blog/the-massive-hole-in-the-npm-ecosystem
An interesting (and potentially massive) security flaw in the JavaScript ecosystem that concerns file manifest metadata, and the APIs that use them.
It is also discussed by the author in this podcast interview: https://changelog.com/jsparty/282
0 comments