Ask HN: How are you securing your NPM dependencies?
There are few obvious things like adding min-release-age, ignore-scripts and save-exact. What other practice we can follow to ensure we are minimizing the damage, especially with chained dependencies.
1 comment
[ 2.9 ms ] story [ 9.9 ms ] thread