Making "safe npm"
JS Party: JavaScript, CSS, Web Development
The Rise and Fall of Dino
Yarn is a tool that does the same thing as NPM but faster, easy switch over. I don't think node has done anything in response to Dino. They have the HTTPS imports, but it's flagged due to like nightmare level security problems of just that security model. We have the permissions model gets unflagged this month for all those like web APIs,. Like the file API, and labs and stuff. But yeah, I'm not really a yarn user, so I don't know what other reasons people use it for as well.
00:00
Transcript
Play full episode
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
