Nezir Zahirovic

Here's how NPM plans to improve security and reliability in 2019

NPM had a challenging year, to put it lightly. A series of high-profile incidents resulted in headaches for system administrators, as a combination of third parties abusing the NPM platform and bad deployments from the NPM team itself caused adverse effects.

In February, with the release of version 5.7.0, running sudo npm resulted in file permissions being reset across the filesystem, breaking NPM and practically anything else that requires file permissions to work. For people accustomed to semantic versioning practices, the version number 5.7.0 would imply that the release is safe to install. However, that version, and the 5.7.1 release that patched the sudo bug, are both prerelease versions, even though neither the version string nor the release announcement gave any indication of this.

