Hi, the fact that npm and similar package managers currently pose an extremely high security risk (and soon pip as well?) comes as a complete surprise ;).
Perhaps what's happening in the AUR right now is the so-called "silver lining" of a crisis. There are so many suggestions on how to make the AUR complicated, unusable, user-unfriendly, like fighting fire with fire, but perhaps it is finally time to put an end to this insane, unmanageable chaos in package management. Wake-up call Ralf
