Comment on NPM Package With 56K Downloads Caught Stealing WhatsApp Messages
Venator@lemmy.nz 1 day ago
no one wants to do because developers want the latest and greatest model.
That’s not true at all, the OS doesn’t have, and shouldn’t have, everything that a package has…
The alternative isn’t for the OS to do it: it’s to implement everything yourself… Speaking from previous experience working at a company that did exactly that… It has its own set of problems… But it is at least secure 😅
wildbus8979@sh.itjust.works 17 hours ago
Have you ever looked at the available packages in a Linux distribution like Debian or a BSD? There are thousands and thousands of libraries packaged to support software releases. Like I said, that had been the distribution model for the better part of twenty+ years until this new, shittier, model.
Venator@lemmy.nz 3 hours ago
There are over 3.1 million packages available in the main public npm registry…