Node is pure garbage
I have always considered Node to be pure garbage, for its dependencies, for the fact that for specific software versions you need specific Node versions etc.
But there is more to it than meets the eye. Node’s supply chain is insecure and prone to attacks.
A bunch of very widely used web building blocks (npm packages) were compromised today (Sep 8, ~13:16–15:15 UTC). If a website you visit pulled in one of those bad updates, malicious code could silently change the wallet address you’re paying/approving right in your browser, so your funds or approvals go to an attacker even though the screen looks normal. If you’ve signed anything in the last few hours on web apps, verify transactions/approvals and consider revoking risky approvals.
So yea, pure garbage.
more info via reddit
Written by Malin
Self taught IT enthusiast with over 16 years of online background experience. On top of that I'm a blogger, webmaster, husband and father.