The fact that OpenAI's pipeline had no minimumReleaseAge configured is surprising though. That's basically saying "run whatever npm published 5 minutes ago in a context that has access to my signing keys." For a company that size, with that attack surface, feels like this should've been caught in a security review.