Everyone who had code that broke due to this (and, really, everyone else too) sh... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		taberiand on Jan 11, 2022 \| parent \| context \| favorite \| on: What NPM should do to stop a new colors attack Everyone who had code that broke due to this (and, really, everyone else too) should see it as a clear wake up call that they need to do better managing their dependencies.

lolinder on Jan 11, 2022 | [–]

Yes. Just like everyone who gets ransomware on their computers should see it as a clear wake-up call to improve their security practices. It doesn't mean we shouldn't also condemn the attack that prompted the wake-up call.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact