• platypus_plumba@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    It’s honestly crazy that tools like npm don’t force you to encrypt the tokens for the npm repos. They don’t even support it. Any stupid read_file() with http.post() can screw 1000 people.