
Is it even possible to look at all dependencies and their dependencies and their dependencies…?


if you use simple c libraries that do one thing, yes, you don't have to go very far at all.

whether you'd be able to find the backdoor in those or not, might depend on your skills as a security expert.


Good luck as a web dev with all those npm packages


there are many reasons I'm not a web dev, and npm is one of them.



