rem’s avatarrem’s Twitter Archive—№ 77,029

  1. Vulnerabilities in npm packages has become a race to the bottom to report and hassle. Search nodemon issues and in all the years there's been one legit vuln. All others are impossible to reach, but people think if you carry the package there's a chance to file an issue.
    On twitter.com Twitter logo rem’s avatar ❤️ 7 Favorites Mood +3 🙂
    1. …in reply to @rem
      I'm whining because when my morning starts with 3 emails about vulns that aren't actual vulns, sad rem gets sad.
      Permalink On twitter.com Twitter logo rem’s avatar ❤️ 5 Favorites Mood -4 🙁
    2. …in reply to @rem
      Equally, specific to nodemon, so so few people actually contribute, but there's been one individual who's stepped up and created a fix for the update-notifier problem, for that I'm eternally grateful and know they'll mostly go unsung 😐
      Permalink On twitter.com Twitter logo rem’s avatar ❤️ 2 Favorites Mood -1 🙁