I find this concerning in the context of the tendency for packages to promote the use of npx commands, where npx will just find and run the missing package name, so a typo means you have now just run different code than that what you intend in one command.
Does the npm Security Policy discussed at https://www.npmjs.com/policies/security govern testing of all NodeJS modules that are available via npm, or does this policy relate to the software that provides the operational infrastructure for npm itself?
[+] [-] Macha|5 years ago|reply
[+] [-] mumblerino|5 years ago|reply
[+] [-] dave_aiello|5 years ago|reply
[+] [-] Macha|5 years ago|reply