undefined | Better HN

story

0 pointsdachris5mo ago0 comments

You'd be surprised how many people run 'npm i' in their CI. I've seen this on multiple occasions.

'npm ci' is some mitigation, but doesn't protect against getting hit when running 'npm i(nstall)' during development.

0 comments

Update your knowledge. ”npm install” hasn’t done auto-upgrades for years now.

j / k navigate · click thread line to collapse

Update your knowledge. ”npm install” hasn’t done auto-upgrades for years now.

j / k navigate · click thread line to collapse