If npm or Ubuntu would deliberately replace a package with their own implementation, without giving you notice or making this opt-in, would you call that a supply-chain attack? I would, unless the original package contained malicious code (which is not the case with WPE's custom fields plugin)
benatkin|1 year ago
Sometimes a patch isn’t enough so there is something like SilverWolf. That’s kinda like ACF/SCF.
benatkin|1 year ago