Hacker News

I guess that the only solution for the malicious packages problem would be to have someone review the code. As there's a lot of code and reviewing takes time, this has to be a paid service - for a payment you get access to a "safe" repository.

I am not sure if it could be a viable business model though. People who use open source got used to it being free and are unlikely to pay.


