How does a pull-through cache prevent this issue? Wouldn’t it also just pull the... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tom1337 13 days ago \| parent \| context \| favorite \| on: Shai-Hulud malware attack: Tinycolor and over 40 N... How does a pull-through cache prevent this issue? Wouldn’t it also just pull the infected version from the upstream registry?

pragma_x 13 days ago [–]

I think it's implied that packages can be blocked and/or evicted from said cache administratively. This deliberately breaks builds, and forces engineers to upgrade/downgrade away from bad packages as needed.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact