top | item 45273588 (no title) Sankozi | 5 months ago No they are not as susceptible - auto updating dependencies, post install scripts and culture of thousands of crappy micro packages (like left-pad) is mainly a NPM issue. discuss order hn newest zachrip|5 months ago Packages are not auto updated if you have a package-lock. Agreed that post-install, left-pad, etc have been overall problematic tho.
zachrip|5 months ago Packages are not auto updated if you have a package-lock. Agreed that post-install, left-pad, etc have been overall problematic tho.
zachrip|5 months ago