always close your toilet lid before npm installing!
Forgot to make a salt circle to contain the evil.
Installed 4239 packages 8000 severe vulnerabilities 200 packages looking for funding
But how else will I figure out if a value is true?
I bet there’s an online service for that
Oh right, I can avoid the full isTrue library implementation with its 8000 dependencies, and instead install the isTrue client, which uses the isTrue cloud service and its REST APIs. Soon it will be AI powered. Then I’ll really be able to tell for sure if my variable value is actually true or not.
Look, can I ask a favor? Can you take that, package it, and put it on npm so I can use it in my project?
You just call GPT and ask if it’s true. Get with the times!
I only do npm install in a docker container where the project and npm cache is mounted. Gives me a bit of security regarding attacks through post install scripts. (
--no-scriptsis not an option since I need some of them)When do people ever do npm install if you don’t trust the project or know what install scripts will run? I’m a web developer of 10 years and I’ve never run npm install to install a piece of software. The only time I ever run npm is when I’m doing development for work.
Jayden animations?
