tmaurice2 commented on issue #46: URL: https://github.com/apache/cordova-fetch/issues/46#issuecomment-3596060447
In light of the recent NPM worm attacks, I ask you to please reconsider, as pnpm is more secure than npm (implements a setting to remove the "^" prefix, doesn't execute pre/post install scripts, and recently added a setting to not download newly released packages). I am currently trying to do the equivalent of `cordova platform add android@latest` with pnpm, but so far I have been unsuccessful. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
