257

‘No Way To Prevent This,’ Says Only Package Manager Where This Regularly Happens (kevinpatel.xyz)

submitted 1 week ago by cm0002@toast.ooo to c/programmer_humor@programming.dev

18 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] cockmushroom@reddthat.com 1 points 5 days ago

Pebcak.

I write this as someone who fully hates npm and javascript, but it's not even a package manager issue. The issue is that someone gets hacked and their credentials get stolen. This could happen to any ecosystem, it's just more likely to be beneficial if you target JS because of ubiquity.

People would need to develop entirely new credential management protocols to circumvent this and they'd probably be risky to automate to the same degree of convenience that we have now so, unless you're looking to spin up containers for each and every step of development or, god forbid, write/vendor your dependencies it's actually not easy at all to prevent this sort of thing.

this post was submitted on 16 May 2026

257 points (98.1% liked)

Programmer Humor

31576 readers

1419 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 2 years ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev