Malicious packages may overwrite any file in the system:
https://blog.daniel-ruf.de/critical-design-flaw-npm-pnpm-yarn/
A static archive of Markus Tacker's tweets. Follow me on Mastodon: @[email protected].
Malicious packages may overwrite any file in the system:
https://blog.daniel-ruf.de/critical-design-flaw-npm-pnpm-yarn/