hehe... CVE: "the entire javascript/ruby/python development model is insecure" a... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

marcus_holmes on Nov 17, 2021 | parent | context | favorite | on: Security issue related to the NPM registry

hehe...

CVE: "the entire javascript/ruby/python development model is insecure"

affected: "the whole damn internet"

resolution:"rewrite the last 10 years of internet developmet from scratch"

not sure that's gonna happen

rbanffy on Nov 17, 2021 [–]

At least the npm packages outside their telemetry horizon should be updated immediately.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact