This repository has been archived by the owner on Jun 6, 2024. It is now read-only.
Implement safeguards for NPM packages #44
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
NPM package exploits are a common vulnerability for web3 apps. While we can't eliminate this risk for implementors, we can take some steps to reduce it. These steps could include:
preinstallandpostinstallwith LavaMoat (background here) – although LavaMoat may be unnecessary here since pnpm supports this out of the boxThe text was updated successfully, but these errors were encountered: