Ask HN: How can I make NPM more secure?

2 points by d-d ↗ HN
IIRC a system-deleting bug made its way into a popular NPM package months ago, and I've also heard it's trivial to add rogue dependencies deep in the tree. How can I protect myself against things like this while using NPM?

1 comment

[ 2.6 ms ] story [ 17.6 ms ] thread
Don't run as root && Test in sandboxed environment