#npm
Read more stories on Hashnode
Articles with this tag
When downloading and using a package from any of the sources(npm, pip etc), you are essentially trusting its publisher to run code on your machine. So...