This. This has always been issue, it does not matter if we're talking about npm, pip, gems or other. It seems to me that people somehow got used to fact that FOSS == inherently secure. Which is, of course, false.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This. This has always been issue, it does not matter if we're talking about npm, pip, gems or other. It seems to me that people somehow got used to fact that FOSS == inherently secure. Which is, of course, false.