undefined | Better HN

0 pointsTheRealDunkirk3y ago0 comments

The idea that some team is "vetting" that the entire stack of stuff you'd pull from npm for a React front-end app is "safe" is ridiculous. Forget the mirroring; that's trivial. What criteria or process would make you think you had a "vetted" snapshot, beyond what they already do!?

0 comments

slt20213y ago

This process is automated by static code analysis tools, once it is deployed then absolutely no meatbag effort is required

j / k navigate · click thread line to collapse

0 pointsTheRealDunkirk3y ago0 comments

0 comments

slt20213y ago

This process is automated by static code analysis tools, once it is deployed then absolutely no meatbag effort is required

j / k navigate · click thread line to collapse