Mastodon Feed
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
I really wish that the npmjs security team published the complete list of file hashes of a compromised package in their stub package page that they use when they remove something.
The way we hide compromises so fast when we respond actually makes responding harder.