9 points by Brajeshwar 5 hours ago | 1 comment
  • sgbeal 4 hours ago
    > To that end, I wrote a python script which isolates npm inside short-lived docker containers.

    Somewhat ironically, docker is just as subject to this type of attack as npm, the main difference being that it (usually) has a narrower blast radius.

    • mike-cardwell 2 hours ago
      Guessing you meant "python" rather than "docker", as docker is not subject to the same type of attack. However, it's a single .py script that you copy somewhere. Not even close to a typical nodejs project using npm install.
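One way to do what the quoted comment describes, as an added example that is not the script from the thread nor anything from the discussed project: a small POSIX shell wrapper that runs npm for the project in the current directory inside a throwaway, locked-down Docker container (dropped capabilities, non-root user, read-only root filesystem, resource limits, lifecycle scripts disabled). It assumes Docker is installed and that NODE_IMAGE is an image tag you pin yourself; the `npm_sandbox` function and the `--memory`/`--pids-limit` values are choices made here, not taken from the page.

```shell
#!/bin/sh
# Added example (not the script mentioned in the thread): run npm for a project
# inside a throwaway, locked-down Docker container.
# Assumptions: Docker is installed; NODE_IMAGE is an image tag you pin yourself.
set -eu

NODE_IMAGE="${NODE_IMAGE:-node:20-bookworm-slim}"   # assumed default; pin a digest in practice

# npm_sandbox RUNNER PROJECT_DIR NPM_ARGS...
#   RUNNER is the command that receives the container arguments: "docker" to
#   actually run, "echo" to print the command line for inspection without Docker.
npm_sandbox() {
    runner="$1"
    project_dir="$2"
    shift 2
    "$runner" run --rm \
        --user "$(id -u):$(id -g)" \
        --cap-drop ALL \
        --security-opt no-new-privileges \
        --read-only \
        --tmpfs /tmp:rw,nosuid,size=512m \
        --pids-limit 512 \
        --memory 1g \
        -v "$project_dir:/work" \
        -w /work \
        -e HOME=/tmp \
        -e npm_config_cache=/tmp/npm-cache \
        -e npm_config_ignore_scripts=true \
        "$NODE_IMAGE" \
        npm "$@"
}

# Usage: ./npm-sandbox.sh install          (runs "npm install" for the current dir)
#        ./npm-sandbox.sh ci --no-audit
# Only runs a container when arguments are given and Docker is present.
if [ "$#" -gt 0 ] && command -v docker >/dev/null 2>&1; then
    npm_sandbox docker "$PWD" "$@"
fi
```

`npm_config_ignore_scripts=true` is what stops a package's preinstall/postinstall hooks from executing, which is the class of attack the thread is about; packages that genuinely need a native build then have to be built deliberately (for example `npm_sandbox docker "$PWD" rebuild some-package` after review). The container is short-lived, but it still has network access for the registry and write access to the project directory, so, as sgbeal notes, this narrows the blast radius rather than removing it: anything installed can still run with full host privileges the moment you execute the project outside the sandbox.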