@general https://blog.vlt.sh/blog/the-massive-hole-in-the-npm-ecosystem
An interesting (and potentially massive) security flaw in the JavaScript ecosystem that concerns file manifest metadata, and the APIs that use them.
It is also discussed by the author in this podcast interview: https://changelog.com/jsparty/282
You must log in or # to comment.
@general this was partly me experimenting to create a post in digipres.cafe by posting in Mastodon. It worked, but I guess it wasn’t formatted how I initially expected. I guess I should have started with a title for the post?