Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
sarciszewski
on Sept 11, 2014
|
parent
|
context
|
favorite
| on:
Node OS
I haven't dabbled in Node yet; my main source of hesitation was I've been told npm doesn't cryptographically sign packages. If npm as a package manager is a selling point, I would hope this has been corrected (or had been all along).
Otherwise, enjoy your MITM trojans.
wcummings
on Sept 11, 2014
[–]
So then you can't host a mirror?
sarciszewski
on Sept 11, 2014
|
parent
[–]
Sure. But if anyone wanted to use your mirror, how would they know you didn't make changes to the base package without crypto? :)
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Otherwise, enjoy your MITM trojans.