A lot has happened in the last two minor releases of the npm cli that is important to know for people using it:
v11.9: allow-git flag
v11.10: min-release-age
🧵
Bluesky network · 1mo ago
Did my first talk regarding npm supply chain attacks at an internal developer conference last week. 🎉
My main talking point: Pay attention. It is so easy to mindlessly run an npm install without thinking about possible consequences. 🧵