On Tuesday, January 16, 2018 at 7:00:43 AM UTC-6, Edward K. Ream wrote: > > P. S. A node of caution. If I were designing a hothouse for malware, I > would choose something like the npm package warehouse. A search for "npm > malware" yields this page > <http://blog.npmjs.org/post/163723642530/crossenv-malware-on-the-npm-registry>. > > Presumably Joe Orr is aware of the risks. > > The node.js people do not seem even remotely concerned enough. Hiding > behind the halting problem is pathetic nonsense. >
Later npm blog posts <http://blog.npmjs.org/> indicate that the npm folks are taking reasonable steps to enforce a notion of trusted packages, independent of the halting problem ;-) EKR -- You received this message because you are subscribed to the Google Groups "leo-editor" group. To unsubscribe from this group and stop receiving emails from it, send an email to leo-editor+unsubscr...@googlegroups.com. To post to this group, send email to leo-editor@googlegroups.com. Visit this group at https://groups.google.com/group/leo-editor. For more options, visit https://groups.google.com/d/optout.
