
'No Way to Prevent This,' Says Only Package Manager Where This Regularly Happens

https://kevinpatel.xyz/posts/no-way-to-prevent-this/
46•alligatorplum•1h ago

Comments

btown•18m ago
For those unfamiliar with the context: https://en.wikipedia.org/wiki/%27No_Way_to_Prevent_This,%27_...
Modified3019•14m ago
Same vibe: https://www.youtube.com/watch?v=lOTyUfOHgas
p-e-w•12m ago
With the recent high-profile attacks on PyPI packages, it’s no longer true that npm is the “only package manager where this regularly happens”.

In fact, pip is much more dangerous than npm because it lacks a lockfile. uv fixes that, but adoption is proceeding at a snail’s pace.

aselimov3•10m ago
What are the actual guarantees that go/Rust make that Python/npm don’t? It seems like it might just be that Python/npm are juicier targets? I’m starting to try and avoid all third party packages
cookiengineer•2m ago
I suppose that go's go:generate workflow can also be abused to land a worm like the ones spreading via npm, as you can build programs that just scrape the whole hard drive for git projects and patch the go.mod dependencies there, and you could also just write this in go as a toolchain script, for example.

NPM's Achilles' heel is the postinstall step which can run arbitrary commands and shell scripts without the user having any way to intervene.

Dependencies must be run in isolated chroot sandboxes or better, inside containers. That would be the only way to mitigate this problem, as the filesystem of the operating system must be separated from the filesystem of the development workflow.

On top of that most host based firewalls are per-binary instead of per-cmdline. That leads to the warnings and rules relying on that e.g. "python" or "nodejs" getting network access allowlisted, instead of say "nodejs myworm.js".

exabrial•8m ago
I really don't understand why the npm project cannot embrace PGP as an ambulatory 'good enough' solution.
loloquwowndueo•6m ago
The NIH mentality in the ecosystem would result in a JavaScript pgp library which itself would be an npm package and subject to supply chain attacks. lol.
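The thread above treats npm's install-time lifecycle hooks as the main foothold and sandboxing as the fix. As an added example (not code from the linked post or from any commenter), here is a small Python audit that walks a node_modules tree and lists every package declaring a hook npm would run automatically (`preinstall`, `install`, `postinstall`, `prepare`). The sample tree it builds in a temporary directory is constructed for the demo; the package names in it are not real packages.

```python
"""Added example: audit an npm install tree for lifecycle scripts.

Walks a node_modules directory (including nested and scoped packages),
reads each package.json, and reports packages that declare install-time
lifecycle hooks. npm runs these hooks automatically during `npm install`
unless `ignore-scripts` is enabled, so this list is what you are trusting
to execute on your machine. Sample packages below are constructed.
"""
import json
import tempfile
from pathlib import Path

# Hooks npm executes automatically when a dependency is installed.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def find_lifecycle_scripts(node_modules: Path) -> dict[str, dict[str, str]]:
    """Return {package_name: {hook: command}} for every package under
    node_modules that declares at least one install-time hook."""
    findings: dict[str, dict[str, str]] = {}
    for pkg_json in node_modules.rglob("package.json"):
        try:
            data = json.loads(pkg_json.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        if not isinstance(data, dict):
            continue
        scripts = data.get("scripts") or {}
        if not isinstance(scripts, dict):
            continue
        hooks = {h: scripts[h] for h in LIFECYCLE_HOOKS if h in scripts}
        if hooks:
            # Fall back to the directory path if the manifest has no name.
            name = data.get("name") or str(pkg_json.parent)
            findings[name] = hooks
    return findings


def write_demo_tree(root: Path) -> Path:
    """Construct a small fake node_modules tree for demonstration only."""
    nm = root / "node_modules"
    manifests = {
        # plain library, no hooks: should not be reported
        "left-pad-ish": {"name": "left-pad-ish", "version": "1.0.0"},
        # native addon: an `install` hook is common and legitimate
        "native-thing": {
            "name": "native-thing",
            "version": "2.1.0",
            "scripts": {"install": "node-gyp rebuild"},
        },
        # scoped package with a postinstall hook: worth a human look
        "@scope/suspicious": {
            "name": "@scope/suspicious",
            "version": "0.0.1",
            "scripts": {"postinstall": "node setup.js"},
        },
    }
    for rel, manifest in manifests.items():
        pkg_dir = nm / rel
        pkg_dir.mkdir(parents=True, exist_ok=True)
        (pkg_dir / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return nm


def demo() -> dict[str, dict[str, str]]:
    """Build the constructed tree and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_lifecycle_scripts(write_demo_tree(Path(tmp)))


if __name__ == "__main__":
    for name, hooks in sorted(demo().items()):
        for hook, cmd in hooks.items():
            print(f"{name}: {hook} -> {cmd}")
```

Run it against a real project by calling `find_lifecycle_scripts(Path("node_modules"))`; a hook is not proof of anything bad (native addons legitimately use `install`), but every entry is code that ran, or will run, outside any review. To stop hooks from running at all, npm's own `ignore-scripts` setting (`npm config set ignore-scripts true`, or `ignore-scripts=true` in `.npmrc`) makes `npm install` skip them, which pairs with the isolation the comment above argues for.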

Fix pathological performance in trait solver

https://github.com/rust-lang/rust/pull/155355
1•Jyaif•2m ago•0 comments

Pinote – A lightweight floating Markdown scratchpad app

https://github.com/ImFeH2/pinote
1•indigodaddy•3m ago•0 comments

I built a machine that can make you rich with math [video]

https://www.youtube.com/watch?v=2UM4j1_xEs0
1•tzvc•4m ago•0 comments

Senior NIAID Official Indicted for Concealing Records During Covid Pandemic

https://www.justice.gov/opa/pr/former-senior-niaid-official-indicted-concealing-federal-records-d...
2•Jimmc414•5m ago•1 comments

YC startup Luel appears to have copied Kled

https://twitter.com/avipat_/status/2055384102409253056
2•tjek•9m ago•1 comments

Show HN: Nexa-Gauge – LLM eval framework, now with self-hosted model support

https://github.com/harnexa/nexa-gauge
1•Sardhendu•10m ago•0 comments

Ask HN: What Happened to ssh-audit.com?

1•Bender•11m ago•0 comments

Show HN: Plan-Graph based code generation with LLMs

https://github.com/agrin96/VibegraphGenerator
1•ag_rin•15m ago•0 comments

Kinetic typography: the what, why, and how

https://www.linearity.io/blog/kinetic-typography/
1•argee•22m ago•0 comments

Symposia AI

https://www.trysymposiaai.com/landing
1•CarlosEdu•23m ago•1 comments

Solving CartPole in 8 Weights

https://cartpole.neocities.org/
3•georgehotz•24m ago•0 comments

Magical Realism: "Northern Exposure" 25 Years Later (2015)

https://www.rogerebert.com/streaming/magical-realism-nothern-exposure-25-years-later
1•walterbell•24m ago•0 comments

Show HN: Wyndup – share a live countdown with your podcast guest

https://wyndup.net
1•ardwino•28m ago•0 comments

Elastic Cloud on Kubernetes, simplified: zone awareness, restarts, and mTLS

https://www.elastic.co/search-labs/blog/elasticsearch-kubernetes-zone-awareness-restarts-mtls
1•eigenBasis•29m ago•0 comments

Jane Street's approach to AI adoption throughout their SDLC [video]

https://www.youtube.com/watch?v=rUYP4C29yCw
2•devdoshi•31m ago•1 comments

Brovan: Binary user-mode emulator for x86_64

https://github.com/AdvDebug/Brovan
1•AdvDebugy•32m ago•0 comments

WikiProject Editor Retention

https://en.wikipedia.org/wiki/Wikipedia:WikiProject_Editor_Retention
1•sshh12•33m ago•1 comments

A Compression Tool for LLM Reads. Est. 60-95% Fewer Tokens

https://github.com/chopratejas/headroom
1•botacode•33m ago•0 comments

North America's largest commuter rail system faces a potential shutdown

https://apnews.com/article/lirr-new-york-commuter-rail-strike-union-eefab0d1f91470934fb89bd1809d0a94
3•petethomas•36m ago•3 comments

Random.website

https://random.website
2•npilk•36m ago•0 comments

Humanoid robots won't surprise us when they arrive

https://philipotoole.com/humanoid-robots-wont-surprise-us-when-they-appear/
2•otoolep•40m ago•0 comments

Thorchain halts trading after $10M cross-chain exploit; RUNE token drops 12%

https://www.coindesk.com/tech/2026/05/15/thorchain-halts-trading-after-usd10-million-cross-chain-...
1•LUZUVYY•45m ago•0 comments

Engineer creates starwars inspired air bike

https://volonaut.com
1•nirkalimi•46m ago•0 comments

How to bypass Anti-Bots in 2026

https://roundproxies.com/blog/how-to-bypass-anti-bots/
2•majorchord•47m ago•0 comments

Python by Example Using Cloudflare Dynamic Workers

https://www.pythonbyexample.dev/
2•adewale•47m ago•1 comments

Lost in Translation: Text Message Spoofing via Email [pdf]

https://sumanthvrao.github.io/papers/rao-oakland-2026.pdf
3•yechs•48m ago•1 comments

New quantum algorithm solves "impossible" materials problem in seconds

https://www.sciencedaily.com/releases/2026/05/260512202355.htm
3•maxloh•48m ago•1 comments

What Is Rails-Way?

https://paweldabrowski.com/farewell-to-rails-way/what-is-rails-way
3•thunderbong•51m ago•0 comments

SpaceX targets June 11 IPO pricing, picks Nasdaq for historic market debut

https://www.coindesk.com/markets/2026/05/15/spacex-targets-june-11-ipo-pricing-picks-nasdaq-for-h...
2•LUZUVYY•51m ago•0 comments

Auto Rebaser v2 – browser-side GitHub PR housekeeping, now multi-account

https://github.com/bradygrapentine/auto-rebaser
2•bgrapentine•55m ago•0 comments