On Fri, Feb 23, 2018 at 11:05 AM, Zoom.Quiet <zoom.qu...@gmail.com> wrote:
> OT: Critical Linux filesystem permissions are being changed by latest > version · Issue #19883 · npm/npm > https://github.com/npm/npm/issues/19883 > Yikes! From the thread: QQQ 1. Be a dev on one of the most critical pieces of on infrastructure of a widely used language. 2. Release new prerelease. 3. Do not use semantic versioning so it looks like a stable. 4. Advertise new build in emails and blog posts but don't mention it's a prerelease. 5. The update mechanism updates to next instead of latest for whatever reason 6. It bricks everyone's systems. 7. Users are reasonably upset. 8. Insult users for being upset. It might be time for an expansion of the NPM team and a review of the current developers on it. QQQ Doesn't increase my confidence in node.js or its security. Edward -- You received this message because you are subscribed to the Google Groups "leo-editor" group. To unsubscribe from this group and stop receiving emails from it, send an email to leo-editor+unsubscr...@googlegroups.com. To post to this group, send email to leo-editor@googlegroups.com. Visit this group at https://groups.google.com/group/leo-editor. For more options, visit https://groups.google.com/d/optout.
