core-js maintainer threatens millions of users due to new post-install ad policy (github.com) 2 points by switz 6y ago ↗ HN
[–] 0x0 6y ago ↗ With a threat like this, I think the best action going forward would be to kick the author off of npm, and re-purpose the npm package name to a frozen-in-time version of a clean ad-free fork of the latest release, perhaps with a deprecation warning
[–] switz 6y ago ↗ isaacs responded below and clarified that he doesn’t feel core-js is in violation of npm’s new policyhttps://github.com/zloirock/core-js/issues/635#issuecomment-...ICYM npm’s new policy: https://news.ycombinator.com/item?id=20838078
2 comments
[ 3.1 ms ] story [ 17.9 ms ] threadhttps://github.com/zloirock/core-js/issues/635#issuecomment-...
ICYM npm’s new policy: https://news.ycombinator.com/item?id=20838078