Skip to content
Better HN
Top
New
Best
Ask
Show
Jobs
Search
⌘K
undefined | Better HN
0 points
oulipo2
9mo ago
0 comments
Share
Sure, but then you need to have a way to whitelist
0 comments
default
newest
oldest
lrvick
9mo ago
The whitelist is the package-lock.json of the hashes of libraries you or a security reviewer you trust has reviewed.
j
/
k
navigate · click thread line to collapse
